site.crefaz.com.br Open in urlscan Pro
200.95.188.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://site.crefaz.com.br/
Submission: On October 12 via manual (October 12th 2022, 5:21:46 pm UTC) from CA — Scanned from CA

Summary HTTP 299 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 84 IPs in 12 countries across 104 domains to perform 299 HTTP transactions. The main IP is 200.95.188.69, located in Rio de Janeiro, Brazil and belongs to EQUINIX BRASIL, BR. The main domain is site.crefaz.com.br.
TLS certificate: Issued by R3 on September 12th 2022. Valid for: 3 months.

This is the only time site.crefaz.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	200.95.188.69 200.95.188.69	26592 (EQUINIX B...) (EQUINIX BRASIL)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
17	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	54.232.190.40 54.232.190.40	16509 (AMAZON-02) (AMAZON-02)
3	51.89.24.70 51.89.24.70	16276 (OVH) (OVH)
21	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	18.164.124.103 18.164.124.103	16509 (AMAZON-02) (AMAZON-02)
3	3.136.124.95 3.136.124.95	16509 (AMAZON-02) (AMAZON-02)
1	99.84.119.117 99.84.119.117	16509 (AMAZON-02) (AMAZON-02)
4	23.192.50.25 23.192.50.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.19.39 104.18.19.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	45.55.120.93 45.55.120.93	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:e0:... 2606:4700:e0::ac40:6a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
4 4	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
5 18	107.20.181.84 107.20.181.84	14618 (AMAZON-AES) (AMAZON-AES)
4 9	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
14 14	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	108.139.29.7 108.139.29.7	16509 (AMAZON-02) (AMAZON-02)
3 8	63.251.114.182 63.251.114.182	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
4	3.134.32.50 3.134.32.50	16509 (AMAZON-02) (AMAZON-02)
4 10	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 5	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	104.97.114.133 104.97.114.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.139.29.24 108.139.29.24	16509 (AMAZON-02) (AMAZON-02)
5 5	3.212.123.192 3.212.123.192	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550a:18eb:75ae:dc51:d648	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	23.92.190.69 23.92.190.69	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 5	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.81.223.235 3.81.223.235	14618 (AMAZON-AES) (AMAZON-AES)
7 8	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
3 3	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	15.235.42.104 15.235.42.104	16276 (OVH) (OVH)
2 3	34.232.121.75 34.232.121.75	14618 (AMAZON-AES) (AMAZON-AES)
6 7	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
7 8	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	3.218.193.24 3.218.193.24	14618 (AMAZON-AES) (AMAZON-AES)
2	52.3.27.31 52.3.27.31	14618 (AMAZON-AES) (AMAZON-AES)
11 14	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.247.240.231 34.247.240.231	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	2606:4700:10:... 2606:4700:10::ac43:8f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2620:116:800b... 2620:116:800b:21:4cb8:1820:80ca:50f7	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.19.162.90 213.19.162.90	3356 (LEVEL3) (LEVEL3)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	3.82.239.128 3.82.239.128	14618 (AMAZON-AES) (AMAZON-AES)
4 4	207.198.113.86 207.198.113.86	13768 (COGECO-PEER1) (COGECO-PEER1)
4 4	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7 7	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
7 7	18.214.164.27 18.214.164.27	14618 (AMAZON-AES) (AMAZON-AES)
3 4	23.192.61.21 23.192.61.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 6	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	3.211.100.251 3.211.100.251	14618 (AMAZON-AES) (AMAZON-AES)
1	23.195.100.26 23.195.100.26	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.52.165.180 23.52.165.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
2 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
4 4	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	2600:1f18:4e9... 2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1	14618 (AMAZON-AES) (AMAZON-AES)
2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.217.159.252 3.217.159.252	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
2 2	54.227.239.48 54.227.239.48	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.112.154 104.16.112.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1	69.169.86.39 69.169.86.39	29838 (AMC) (AMC)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.85.61.80 52.85.61.80	16509 (AMAZON-02) (AMAZON-02)
3 4	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
2 29	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	173.231.178.83 173.231.178.83	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	18.157.92.103 18.157.92.103	16509 (AMAZON-02) (AMAZON-02)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.87.99.102 54.87.99.102	14618 (AMAZON-AES) (AMAZON-AES)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.36.115.114 104.36.115.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:ae80:145... 2606:ae80:1451:19::1400	26762 (CNVR-US-EAST) (CNVR-US-EAST)
1	52.203.100.41 52.203.100.41	14618 (AMAZON-AES) (AMAZON-AES)
1 2	4.78.226.233 4.78.226.233	3356 (LEVEL3) (LEVEL3)
1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.161.47.120 5.161.47.120	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	104.45.178.220 104.45.178.220	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	74.222.140.158 74.222.140.158	35908 (VPLSNET) (VPLSNET)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	162.248.18.10 162.248.18.10	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	3.226.175.232 3.226.175.232	14618 (AMAZON-AES) (AMAZON-AES)
299	84

47 200.95.188.69 (Rio de Janeiro, Brazil)

ASN26592 (EQUINIX BRASIL, BR)

site.crefaz.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:820::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.232.190.40 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-232-190-40.sa-east-1.compute.amazonaws.com

cdn.bitrix24.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crefaz.bitrix24.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.24.70 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip70.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:820::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.124.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-103.jfk50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.136.124.95 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-124-95.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.119.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-119-117.ewr52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.50.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-50-25.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6a19 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.94.171.215 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.0.156.250 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 107.20.181.84 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-181-84.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 173.223.57.84 (Secaucus, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.223.40.198 (United States) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-7.jfk50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 63.251.114.182 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.134.32.50 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-32-50.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 50.16.174.192 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.97.114.133 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-97-114-133.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-24.jfk50.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.212.123.192 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-123-192.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:18eb:75ae:dc51:d648 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 23.92.190.69 (Katy, United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.150.170.96 (Washington, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.223.235 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-223-235.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.211.178.172 (North Charleston, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.24 (United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.235.42.104 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.232.121.75 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-121-75.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.179.164 (Secaucus, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 107.178.246.49 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.193.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-193-24.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.27.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-27-31.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.80.2 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:db6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.76 (Newark, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.240.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-240-231.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:112:f002:bbbb::23 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8f4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:4cb8:1820:80ca:50f7 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.82.239.128 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-239-128.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 207.198.113.86 (Herndon, United States) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.200.232.253 (Frederick, United States) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.127.204.171 (United States) 7 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.214.164.27 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-164-27.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.61.21 (New York, United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-61-21.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.207.24.140 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.100.251 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-100-251.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.100.26 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.52.165.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-165-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.159.252 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-159-252.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.227.239.48 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-239-48.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.112.154 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.39 (Cranford, United States)

ASN29838 (AMC, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-80.ewr53.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.37 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.36.115.109 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.178.83 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.92.103 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-92-103.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.87.99.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-99-102.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.87.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:19::1400 (United States) 2 redirects

ASN26762 (CNVR-US-EAST, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.100.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-100-41.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.233 (Fort Worth, United States) 1 redirects

ASN3356 (LEVEL3, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.222.140.158 (United States) 1 redirects

ASN35908 (VPLSNET, US)
PTR: 74.222.140.158.CUSTOMER.VPLS.NET

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.175.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-175-232.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	crefaz.com.br site.crefaz.com.br	6 MB
39	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 728 image6.pubmatic.com — Cisco Umbrella Rank: 915 simage2.pubmatic.com — Cisco Umbrella Rank: 1016 image2.pubmatic.com — Cisco Umbrella Rank: 1513 image4.pubmatic.com — Cisco Umbrella Rank: 1520 simage4.pubmatic.com — Cisco Umbrella Rank: 1658 aud.pubmatic.com — Cisco Umbrella Rank: 8703	44 KB
32	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 869 ce.lijit.com — Cisco Umbrella Rank: 1406	79 KB
22	crwdcntrl.net 5 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1563 sync.crwdcntrl.net — Cisco Umbrella Rank: 1102 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096	58 KB
21	gstatic.com www.gstatic.com	2 MB
20	google.com www.google.com — Cisco Umbrella Rank: 19 analytics.google.com — Cisco Umbrella Rank: 629 adservice.google.com — Cisco Umbrella Rank: 136	122 KB
18	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	7 KB
14	adsrvr.org 14 redirects match.adsrvr.org — Cisco Umbrella Rank: 463 data.adsrvr.org — Cisco Umbrella Rank: 6819	7 KB
11	adnxs.com 10 redirects secure.adnxs.com — Cisco Umbrella Rank: 707 ib.adnxs.com — Cisco Umbrella Rank: 334	10 KB
11	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 16055 t.sharethis.com — Cisco Umbrella Rank: 8274 sync.sharethis.com — Cisco Umbrella Rank: 4604	17 KB
10	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1457	5 KB
9	bluekai.com 4 redirects tags.bluekai.com — Cisco Umbrella Rank: 786 stags.bluekai.com — Cisco Umbrella Rank: 798	3 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	217 KB
8	tapad.com 7 redirects pixel.tapad.com — Cisco Umbrella Rank: 732	810 B
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 430	4 KB
7	bidr.io 7 redirects match.prod.bidr.io — Cisco Umbrella Rank: 833	3 KB
6	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 708	1 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 427	4 KB
6	rqtrk.eu 2 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3000 wt.rqtrk.eu — Cisco Umbrella Rank: 4085	1 KB
6	liadm.com 5 redirects i.liadm.com — Cisco Umbrella Rank: 936 i6.liadm.com — Cisco Umbrella Rank: 3102	3 KB
6	onaudience.com 6 redirects pixel.onaudience.com — Cisco Umbrella Rank: 4592	3 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 796	4 KB
5	turn.com 5 redirects d.turn.com — Cisco Umbrella Rank: 1691 ad.turn.com — Cisco Umbrella Rank: 1257	2 KB
5	simpli.fi 4 redirects um.simpli.fi — Cisco Umbrella Rank: 1440	2 KB
5	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 596	626 B
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4952 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5922 data-beacons.s-onetag.com — Cisco Umbrella Rank: 10826	14 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 989	2 KB
4	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 735 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1651 ups.analytics.yahoo.com — Cisco Umbrella Rank: 432	2 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 930	889 B
4	owneriq.net 3 redirects px.owneriq.net — Cisco Umbrella Rank: 1959	2 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 723	2 KB
4	sitescout.com 4 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 941	3 KB
4	zeotap.com 2 redirects spl.zeotap.com — Cisco Umbrella Rank: 2775 mwzeom.zeotap.com — Cisco Umbrella Rank: 2419	1 KB
4	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 15393 cdn-tc.33across.com — Cisco Umbrella Rank: 25759 dp1.33across.com — Cisco Umbrella Rank: 10443	2 KB
4	exelator.com 4 redirects loada.exelator.com — Cisco Umbrella Rank: 26311 loadus.exelator.com — Cisco Umbrella Rank: 1830	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
4	bitrix24.com.br cdn.bitrix24.com.br crefaz.bitrix24.com.br	132 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1388	1009 B
3	stackadapt.com 3 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1076	1 KB
3	rubiconproject.com 2 redirects pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2876 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1264 token.rubiconproject.com — Cisco Umbrella Rank: 1067	2 KB
3	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1933 beacon.krxd.net — Cisco Umbrella Rank: 757	836 B
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 9650	2 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 2681	531 B
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 10537 ic.tynt.com — Cisco Umbrella Rank: 4960 de.tynt.com — Cisco Umbrella Rank: 2358	11 KB
3	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 9225	10 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1769	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 7722	623 B
2	taboola.com 1 redirects trc.taboola.com — Cisco Umbrella Rank: 873 match.taboola.com — Cisco Umbrella Rank: 4365	657 B
2	mxptint.net 1 redirects pmp.mxptint.net — Cisco Umbrella Rank: 9343	965 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5125	743 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 1142	718 B
2	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2686	835 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1476 s.tribalfusion.com — Cisco Umbrella Rank: 3850	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1306	1 KB
2	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 2380	1 KB
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 791	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 293	2 KB
2	ipredictive.com 2 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1574	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 813	734 B
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 832	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1879	1 KB
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1504	1003 B
2	retargetly.com 2 redirects api.retargetly.com — Cisco Umbrella Rank: 7499	658 B
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 926	515 B
2	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 16866	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 7572 adservice.google.ca — Cisco Umbrella Rank: 14059	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	111 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	117 KB
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1621	209 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 4235	534 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 5307	463 B
1	bnmla.com 1 redirects match.bnmla.com — Cisco Umbrella Rank: 4351	900 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 6284	348 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7779	279 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 3834	395 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 9621
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 1351
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 2344	35 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 6042	390 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 4481	290 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2482	674 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 935	363 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1452	221 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 852	762 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1772	782 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 5205	991 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 3524	513 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 9741	543 B
1	truoptik.com dmp.truoptik.com — Cisco Umbrella Rank: 2651	470 B
1	userreport.com audex.userreport.com — Cisco Umbrella Rank: 5021	433 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 841	637 B
1	clickagy.com 1 redirects aorta.clickagy.com — Cisco Umbrella Rank: 2758	427 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1227	724 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2941	232 B
1	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1502	429 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 2432
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4647	16 KB
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 10363	407 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 9363	183 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	701 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 977	81 KB
1	waust.at waust.at — Cisco Umbrella Rank: 27432	4 KB
299	104

	Domain	Requested by
47	site.crefaz.com.br	site.crefaz.com.br code.jquery.com
24	ce.lijit.com	site.crefaz.com.br ap.lijit.com us-u.openx.net ads.pubmatic.com
21	www.gstatic.com	www.google.com
20	simage2.pubmatic.com	2 redirects ads.pubmatic.com
17	www.google.com	site.crefaz.com.br www.gstatic.com www.google.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	11 redirects ap.lijit.com us-u.openx.net bcp.crwdcntrl.net
13	match.adsrvr.org	13 redirects
13	sync.crwdcntrl.net	3 redirects bcp.crwdcntrl.net
10	ps.eyeota.net	4 redirects site.crefaz.com.br data-beacons.s-onetag.com
9	image2.pubmatic.com	ads.pubmatic.com
8	pixel.tapad.com	7 redirects site.crefaz.com.br
8	x.bidswitch.net	7 redirects site.crefaz.com.br
8	ap.lijit.com	3 redirects site.crefaz.com.br data-beacons.s-onetag.com ap.lijit.com
8	tags.bluekai.com	3 redirects site.crefaz.com.br de.tynt.com tags.bkrtx.com bcp.crwdcntrl.net
7	match.prod.bidr.io	7 redirects
7	secure.adnxs.com	6 redirects site.crefaz.com.br
6	us-u.openx.net	1 redirects ap.lijit.com us-u.openx.net
6	s.amazon-adsystem.com	3 redirects ap.lijit.com bcp.crwdcntrl.net ads.pubmatic.com
6	pixel.onaudience.com	6 redirects
6	pagead2.googlesyndication.com	site.crefaz.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
5	sync.1rx.io	5 redirects
5	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
5	ws.rqtrk.eu	2 redirects site.crefaz.com.br
5	um.simpli.fi	4 redirects ads.pubmatic.com
5	i.liadm.com	5 redirects
5	idsync.rlcdn.com	3 redirects site.crefaz.com.br ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	sync-tm.everesttech.net	4 redirects
4	px.owneriq.net	3 redirects ap.lijit.com
4	sync.mathtag.com	4 redirects
4	pixel-sync.sitescout.com	4 redirects
4	ib.adnxs.com	4 redirects
4	sync.sharethis.com	site.crefaz.com.br
4	tags.crwdcntrl.net	t.dtscout.com cdn-tc.33across.com tags.crwdcntrl.net
4	t.sharethis.com	pd.sharethis.com t.sharethis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com site.crefaz.com.br
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	ads.pubmatic.com	ap.lijit.com ads.pubmatic.com
3	rtb.mfadsrvr.com	3 redirects
3	sync.srv.stackadapt.com	3 redirects
3	d.turn.com	3 redirects
3	map.go.affec.tv	2 redirects site.crefaz.com.br
3	ml314.com	1 redirects site.crefaz.com.br bcp.crwdcntrl.net
3	pd.sharethis.com	t.dtscout.com site.crefaz.com.br t.sharethis.com
3	get.s-onetag.com	t.dtscout.com get.s-onetag.com
3	t.dtscout.com	waust.at t.dtscout.com
2	uipglob.semasio.net	1 redirects
2	visitor.fiftyt.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	pubmatic-match.dotomi.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	pippio.com	2 redirects
2	beacon.lynx.cognitivlabs.com	1 redirects ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	cm.adgrx.com	2 redirects
2	aa.agkn.com	bcp.crwdcntrl.net
2	dpm.demdex.net	2 redirects
2	sync.ipredictive.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	pr-bh.ybp.yahoo.com	us-u.openx.net ads.pubmatic.com
2	ad.turn.com	2 redirects
2	creativecdn.com	2 redirects
2	bh.contextweb.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	cms.quantserve.com	2 redirects
2	api.retargetly.com	2 redirects
2	mwzeom.zeotap.com	site.crefaz.com.br
2	spl.zeotap.com	2 redirects
2	beacon.krxd.net	site.crefaz.com.br bcp.crwdcntrl.net
2	dp2.33across.com	2 redirects
2	p.adsymptotic.com	2 redirects
2	loadus.exelator.com	2 redirects
2	crefaz.bitrix24.com.br	cdn.bitrix24.com.br
2	loada.exelator.com	2 redirects
2	a.dtssrv.com	t.dtscout.com
2	www.facebook.com	site.crefaz.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.bitrix24.com.br	site.crefaz.com.br cdn.bitrix24.com.br
2	connect.facebook.net	site.crefaz.com.br connect.facebook.net
2	www.googletagmanager.com	site.crefaz.com.br www.googletagmanager.com
1	rtb.gumgum.com
1	match.adsby.bidtheatre.com	1 redirects
1	ads.playground.xyz	1 redirects
1	aud.pubmatic.com
1	match.bnmla.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	csync.loopme.me	ads.pubmatic.com
1	rtb.adentifi.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ad.mrtnsvr.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	cms.analytics.yahoo.com	1 redirects
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	data.adsrvr.org	1 redirects
1	contextual.media.net	ap.lijit.com
1	aorta.clickagy.com	1 redirects bcp.crwdcntrl.net
1	p.rfihub.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	stags.bluekai.com	1 redirects
1	partner.mediawallahscript.com	site.crefaz.com.br
1	dp1.33across.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	cdn-tc.33across.com	de.tynt.com
1	mid.rkdms.com	1 redirects
1	i6.liadm.com	site.crefaz.com.br
1	api.intentiq.com	data-beacons.s-onetag.com
1	tags.bkrtx.com	pd.sharethis.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	site.crefaz.com.br
1	data-beacons.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	t.dtscout.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.ca	site.crefaz.com.br
1	cdnjs.cloudflare.com	site.crefaz.com.br
1	code.jquery.com	site.crefaz.com.br
1	waust.at	site.crefaz.com.br
299	143

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
artesanalinvestimentos.datapact.com.br
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www-crefaz-com-br-1.rds.land
dointeriorascapitais.com.br
www.somoscefaz.com.br
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
site.crefaz.com.br R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.bitrix24.com.br Go Daddy Secure Certificate Authority - G2	`2022-05-20` - `2023-06-21`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
sharethis.com Amazon	`2022-06-21` - `2023-07-20`	a year	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-10-11` - `2023-01-09`	3 months	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.rqtrk.eu RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-06-10` - `2023-06-10`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.truoptik.com Entrust Certification Authority - L1K	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.cintnetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-04` - `2022-11-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
ml314.com GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
beacon.lynx.cognitivlabs.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.iprom.net R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.gumgum.com Amazon	`2022-09-14` - `2023-10-11`	a year	crt.sh

This page contains 59 frames:

Primary Page: https://site.crefaz.com.br/
Frame ID: 2C78C3E06E05AAE127774050ECFBF734
Requests: 122 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/zrt_lookup.html
Frame ID: 357ED2C21D8E5BF156BC78EC9FF152D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593761836866080&output=html&adk=1812271804&adf=3025194257&lmt=1665595296&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsite.crefaz.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665595296025&bpp=6&bdt=714&idt=309&shv=r20221010&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6515394352200&frm=20&pv=2&ga_vid=976293219.1665595296&ga_sid=1665595296&ga_hid=59723141&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531706%2C31069178%2C31070291%2C44773746%2C31067826&oid=2&pvsid=1541219906748436&tmod=1682398817&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=379
Frame ID: ECF047BAC41FB4540D4D6EBEE4789B6F
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A0166559529668EDBB65A4077AE425
Frame ID: AA710561B406B965BD54F863346A0F1E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=baw4nc8u08qz
Frame ID: FC662FD3B228B157FBC4C6689558E04F
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=rp5jd86zd9p7
Frame ID: 95B3617CCFC5AAC73D5F3410DA9BBF18
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=4z2tucjw3j90
Frame ID: 392ECC60A5A23026A2F80B631B0ADCBD
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=966yjya59z7k
Frame ID: D951953101C55CE99A8D328CAAD7A0E6
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=mbklwjuovdvh
Frame ID: 0AFF03F2ED85373F3048FD8C4EBCD422
Requests: 4 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C
Frame ID: 78051DD5F04CB39D1A99388AA716D467
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 136C08D2EB6D28C1DFBF89822FB526CE
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1065.23347/a/CA/t_.js?cid=c010&cls=C
Frame ID: 9251151FA5308A6F84BBB07B4268B389
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: E08006C1DBD701030866386C9A0A61BF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v
Frame ID: 9CD12479A500CAF2D3F6E9E6EA308DD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v
Frame ID: 310BA192BF1E115743DBD84F6235DEBF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v
Frame ID: D06989782792372C7B773945C34D9342
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v
Frame ID: 8D7DE5FA8DF471FD3F4D4F6B3B9D48BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v
Frame ID: 54C9BEF99B28A7E8B2270578DA2557AF
Requests: 3 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65801
Frame ID: 796E311C092509069F913C796E3E3EA1
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B5C0FC457F1B7A67C58EF69FED18A113
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212002981022435&ret=html&random=1665595299
Frame ID: E9303C82BA44D3101CD3CBFBA25593B5
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: B46352EB45B818A2D9A1424F18BD0302
Requests: 3 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
Frame ID: 15406ABA23CA199025F41195AF3E7C69
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: F140BA0C7364DF2BC204BDE1BC007D6F
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: E0D9B8E91623CE551317B5CDFB99B591
Requests: 21 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7320511249085752497&gdpr=0&gdpr_consent=
Frame ID: 2A6E49626FD34EDC644AA892046ED07D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 3BB9B9EB910CE0A6C282736DF528F1CB
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 4C9CCD4E985C0BC559A6D22D9DD83FD2
Requests: 8 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: B11074A30842D8E62591C1FD367BB67F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE5AA6ACB6FA5036D64F7A7CE6A82A5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A897110940BF35C3761D63033EFA509E
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: F9F26B1FA3EB30E9AEBAD0DA04F2C24C
Requests: 24 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Frame ID: 15022CDA2BB29530DE81013A12AA3BFE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0b3pAABUd3hXABU&gdpr=0&gdpr_consent=
Frame ID: B65E9B80B8907C3E5EEEAC57E42B2345
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 6227FFF5FB8952C8C36FEA022576D2D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFvU7Gje8AAB2zsYrbcQ
Frame ID: 8C12142D41142521BC7E6824F4150467
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=
Frame ID: 496EF0D23D904A4F9EE81530EC720C4D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r
Frame ID: AF0BAA88077C0060FF3D88247F2B9DD3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 0F82D03D71A964147BD165A93016F69D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=55b2bb9c-4a52-11ed-9767-329a2587c191
Frame ID: F077690F52029E3090F54FF5B9A6BF69
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 955693012782AC61280E7AA143BB0479
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-KtNLnI_S1xAM7aW8EK62ZU4mbg
Frame ID: D2BCA80D64DF199570E3B97C792EF922
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPx7tNZu1OIFqk5&gdpr=0&gdpr_consent=
Frame ID: 6306905E12D970732BAF1259D27C9099
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=698850414500
Frame ID: 72F1726FFD1A22EF6F6FA6B4D1D938D6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=LlCdgc-tp
Frame ID: 7BD1E6AD70E9711D326B10562ADAF219
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
Frame ID: 6D6A77BB39B7976B44F10EF4A03256CA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6C5FB833E29C8448CF46AD6FDCFDD8FE
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Frame ID: D88AB9AF48E39DDB1018DFE68122385D
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Frame ID: E8C332FA9E4BFD821164E2293BE47C35
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 39A4FF118AC4327830AC62A8D7219702
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7188817001893117966
Frame ID: 8BFC0BBDCB55944048481ABC0832C13A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CEAF8940BC24673068215017EFCC9930
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=emPgJ_a4CGGZxk3qp_dGYw
Frame ID: 28F7B4DF2ED39A47A3DDBDAD6865056E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8cf33822-38bd-4642-8c75-b22c4163d57b-tucta407d27&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: DCABD9D528571DF6BD1FF38BE36B0B2E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: BF118517A20831564D5B4F9A08D7C9C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1b8ef0cc-622c-4dd9-9b4a-b80a9d45b654
Frame ID: 878FC1734A82048DD41D214925AC6927
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF
Frame ID: B134E7593557601C99973AD6BC6B0A96
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/epx
Frame ID: 18150CCA715219822C75632803BD05B6
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Frame ID: 262FCB2523258CD69B286F6F0407428D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crefaz - Financiamentos e Investimentos

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

299
Requests

72 %
HTTPS

23 %
IPv6

104
Domains

143
Subdomains

84
IPs

12
Countries

9437 kB
Transfer

14416 kB
Size

226
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=554430139749
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://artesanalinvestimentos.datapact.com.br/Entrar
Title: Negocie sua dívida

Search URL Search Domain Scan URL

URL: https://www.facebook.com/crefazoficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crefazoficial/

Search URL Search Domain Scan URL

URL: https://twitter.com/crefazoficial

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crefazoficial/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5508000525051

Search URL Search Domain Scan URL

URL: http://www-crefaz-com-br-1.rds.land/e-gol-da-crefaz

Search URL Search Domain Scan URL

URL: https://dointeriorascapitais.com.br/

Search URL Search Domain Scan URL

URL: https://www.somoscefaz.com.br/
Title: Seja um consultor CEFAZ!

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.rbmweb.crefaz

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/crefaz-on/id1453436337

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5508000525052
Title: WhatsApp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://pixel.onaudience.com/?partner=137085098&mapped=51A0166559529668EDBB65A4077AE425 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0692f68dd70f498f7f92631d848253f2&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=63888515040b29ab/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=63888515040b29ab/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=53649b85c5a1c379f223fbf3ac206818&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=a209b2d67f8673d7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

Request Chain 112

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

Request Chain 116

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=f4161dc54b8ae364269f4a38120c5681

Request Chain 117

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2Pn1ZfEddsLCyonAJfw9t09ni6BuoxZ26vOFGQ_k1d2U&gdpr=0&gdpr_consent=

Request Chain 118

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHwAA2NG96AAAAAJHTKaAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3630704673834926100 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDcwNDY3MzgzNDkyNjEwMBAAGg0Iou-bmgYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=6fd0e4bb6616a9e74de5d0345a6c9cc76c66e53f9838affc99e78e7a4ab698aaf4cb09cee1a4f8eb&person_id=3630704673834926100&eid=50082

Request Chain 119

https://tags.bluekai.com/site/59574?id=ZHwAA2NG96AAAAAJHTKaAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 140

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=94426 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=94426&_li_chk=true&previous_uuid=4c5501ce7815404eb6d4cc9a9fe162f8 HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=94426&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq

Request Chain 141

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FeDxfSZH8tW68m2ZSEGrvTGq&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=50839 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FeDxfSZH8tW68m2ZSEGrvTGq&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=50839&_expected_cookie=bdb73cb7fa1d2d997631c0cad4683fc3 HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=bdb73cb7fa1d2d997631c0cad4683fc3

Request Chain 142

https://um.simpli.fi/lj_match?r=58164 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1C00CAD18F904BA79B8E5F327C0866BF

Request Chain 143

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=71802 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=71802&_li_chk=true&previous_uuid=dabe74e5b0d24c54a6015f83ffd097f6 HTTP 303
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=4c5501ce-7815-404e-b6d4-cc9a9fe162f8&liid=&_ct=im HTTP 302
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=2623deb45a5f3350d84876bf90306ec0 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 145

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1665595298458.5&r=true HTTP 302
https://tags.bluekai.com/site/27519?id=212002981022435&ret=html&random=1665595299

Request Chain 147

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&cb=1665595298458.1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e09figb&ttd_tpi=1 HTTP 302
https://ws.rqtrk.eu/push?pid=6109d77d-65b6-4ad2-ab8c-7cb7994fb314&dmp=ttdw&uid=3e5930d9-9ed8-4653-aa55-d261af64125b

Request Chain 148

https://map.go.affec.tv/map/3a/?pid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&ts=1665595298458.2 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6346f7a3c2d1f500013392fd%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6346f7a3c2d1f500013392fd%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/8274292330252133132?ch=6346f7a3c2d1f500013392fd&chc=tt&gdpr=&gdpr_consent=&redirect_url= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=6346f7a3c2d1f500013392fd&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url= HTTP 302
https://map.go.affec.tv/map/ttd/3e5930d9-9ed8-4653-aa55-d261af64125b?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 149

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&random=1665595298458.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&random=1665595298458.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3e5930d9-9ed8-4653-aa55-d261af64125b&ttd_puid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 150

https://dp2.33across.com/ps/?pid=1205&rand=1665595298458.4&r=true HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=2370916972571

Request Chain 151

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&33random=1665595298458.6&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mi1IdmhlMXBPS2V6M1dQNWs4dUxGWF9NTnFOTkJTVmgzdDl1Z3dpZ1cydEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBLKNGI65ujJPGVHFxIrm0A&google_cver=1

Request Chain 152

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=w%21w1io2s93fs&zpbcat=Financial+Services&zcluid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&ziid=1665595298458.7 HTTP 302
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=ce350ea3-1550-4bd9-5b62-fb8a97faeaaa&us_privacy=&zcluid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&zdid=239&ziid=1665595298458.7&zpb=w%21w1io2s93fs&zpbcat=Financial+Services HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8274292330252133132&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=ce350ea3-1550-4bd9-5b62-fb8a97faeaaa&us_privacy=&zcluid=CoIKR2NG96JTs74uB2g7Ag==&zdid=239&ziid=1665595298458.7&zpb=w!w1io2s93fs&zpbcat=Financial%20Services

Request Chain 153

https://dp1.33across.com/ps/?pid=669&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&random=1665595298458.9&r=true HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212002981022435&seg_code=33x&random=1665595299

Request Chain 154

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&cb=1665595298458.10&gdpr_consent= HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=7bd40d8a-afa7-4fd5-bf8b-b1861337a448&custom=&tag_format=img&tag_action=sync&cb=1665595794&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000

Request Chain 155

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&33random=1665595298458.11&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&bid=1e2n4ou

Request Chain 160

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHwAA2NG96AAAAAJHTKaAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1065.23347%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1065.23347%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=34349830 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

Request Chain 162

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FeDxfSZH8tW68m2ZSEGrvTGq/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818

Request Chain 165

https://tags.bluekai.com/site/29539?limit=1&id=2HcjvQJhnnWKexmKE56tauoX66ITenwzENzan_dBAxCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=am83L0orb1E5OTlzZFdqTQ%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOjsnSnqvXPR4k_y_GHlVJ8&google_cver=1

Request Chain 166

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2SK8-ant5U8HIkuY_BGhKpdWpfP-nFDylCs7q4IgmBwI HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4bd454ba-cdd9-4072-ace3-b44ebbe421b7%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8274292330252133132&pt=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2C

Request Chain 167

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7320511249085752497&newuser=1&referrer_pid=51md42u

Request Chain 168

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=8274292330252133132&bid=2cr76e1&referrer_pid=51md42u

Request Chain 169

https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25 HTTP 302
https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25&_rlid=3020259f-573e-468a-9f7b-4b03cb384703 HTTP 302
https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=3020259f-573e-468a-9f7b-4b03cb384703

Request Chain 173

https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=f32z-y955v5kK7H7K3uqrioq4f5kKLL1fS9RGYsV

Request Chain 175

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RmVEeGZTWkg4dFc2OG0yWlNFR3J2VEdx&gdpr=0 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=0

Request Chain 176

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=83&3pid=L95WFQUN-E-I48T&gdpr=0

Request Chain 177

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=L95WFQNF-B-GZGF&gdpr=0

Request Chain 178

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=-KtNLnI_S1xAM7aW8EK62ZU4mbg&user_group=1&ssp=fmx&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=0&gdpr_consent=

Request Chain 179

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Da97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=

Request Chain 180

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FeDxfSZH8tW68m2ZSEGrvTGq&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=

Request Chain 181

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmVEeGZTWkg4dFc2OG0yWlNFR3J2VEdx&gdpr=0

Request Chain 182

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1665595299986 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7689957251 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3e5930d9-9ed8-4653-aa55-d261af64125b HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005 HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005

Request Chain 183

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ce.lijit.com/merge?pid=85&3pid=AADFvU7Gje8AAB2zsYrbcQ&gdpr=0

Request Chain 184

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7188817001893117966&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/fr/epx.gif

Request Chain 185

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=2810035082281571204

Request Chain 186

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=2750a7d0-905b-47c2-acf6-c0b4544a7891

Request Chain 187

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=8274292330252133132&gdpr=0&gdpr_consent=

Request Chain 188

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=GLMRszG2FzR4&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 189

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=P57OHTP1ok86ZT0DlIAm&pi=sovrn&gdpr=0&gdpr_consent=&tc=1

Request Chain 190

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FeDxfSZH8tW68m2ZSEGrvTGq/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818&gdpr=0&gdpr_consent=

Request Chain 191

https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t

Request Chain 192

https://aorta.clickagy.com/pixel.gif?ch=185&cm=FeDxfSZH8tW68m2ZSEGrvTGq&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:3aa7923fefdd3a12652425a78e4d5e19

Request Chain 194

https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=27&3pid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

Request Chain 195

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=12&3pid=8274292330252133132&gdpr=0&gdpr_consent=

Request Chain 198

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=7320511249085752497&gdpr=0&gdpr_consent=

Request Chain 200

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Request Chain 205

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 206

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y0b3pAABUd3hXABU HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0b3pAABUd3hXABU&_test=Y0b3pAABUd3hXABU

Request Chain 208

https://match.adsrvr.org/track/cmf/openx?oxid=4f5f8729-c231-32e3-5a27-21d6933b46bb&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3e5930d9-9ed8-4653-aa55-d261af64125b&ttd_puid=4f5f8729-c231-32e3-5a27-21d6933b46bb&gdpr=0&gdpr_consent=

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEoJHOa_2twDkSid7El-5zg&google_cver=1

Request Chain 215

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=1b82f197-ac37-455b-a8d0-b5c42b455378&gdpr=0

Request Chain 216

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=53649b85c5a1c379f223fbf3ac206818 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=53649b85c5a1c379f223fbf3ac206818&dcc=t

Request Chain 218

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=3e5930d9-9ed8-4653-aa55-d261af64125b/gdpr=0/gdpr_consent=

Request Chain 220

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=53649b85c5a1c379f223fbf3ac206818&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D4bd454ba-cdd9-4072-ace3-b44ebbe421b7%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D4bd454ba-cdd9-4072-ace3-b44ebbe421b7 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D4bd454ba-cdd9-4072-ace3-b44ebbe421b7%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D4bd454ba-cdd9-4072-ace3-b44ebbe421b7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=40291979834938687024243178591311341333&pt=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D4bd454ba-cdd9-4072-ace3-b44ebbe421b7 HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7

Request Chain 224

https://aorta.clickagy.com/pixel.gif?ch=120&cm=53649b85c5a1c379f223fbf3ac206818 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:3aa7923fefdd3a12652425a78e4d5e19&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1665595300560&ip=149.56.153.184&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D213150604302010044177 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=213150604302010044177 HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:3aa7923fefdd3a12652425a78e4d5e19&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=40291979834938687024243178591311341333 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:3aa7923fefdd3a12652425a78e4d5e19 HTTP 307
https://aorta.clickagy.com/pixel.gif?ch=114&cm=53ddeb39db9561e8b25dc3b8fa95ce40718a00d11075dbbc00f7f2250f7f57fb25abae5358c0e7bc HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:3aa7923fefdd3a12652425a78e4d5e19&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=40291979834938687024243178591311341333 HTTP 302
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:3aa7923fefdd3a12652425a78e4d5e19/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=53649b85c5a1c379f223fbf3ac206818 HTTP 302
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:3aa7923fefdd3a12652425a78e4d5e19&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1665595301115&ip=149.56.153.184&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D213150604302010044177 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=213150604302010044177 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYWE3OTIzZmVmZGQzYTEyNjUyNDI1YTc4ZTRkNWUxOQ HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEOAfg4kjEjh1L1G-T4laPio&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=4&cm=50d1b3cc-904b-0ead-2cb2-ba977709488a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D

Request Chain 225

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=53649b85c5a1c379f223fbf3ac206818 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=53649b85c5a1c379f223fbf3ac206818

Request Chain 227

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-f8ab4d2e-723f-4b5c-4033-b696f042bad9$ip$149.56.153.184&gdpr=0/gdpr_consent=

Request Chain 228

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-ijs_YVZE2pzJX7Q42hfvfFhfEhuV4aR3V.s-~A&gdpr=0

Request Chain 229

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&src=lot&gdpr=0

Request Chain 230

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341/gdpr=0

Request Chain 232

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y0b3pAABUd3hXABU/gdpr=0

Request Chain 236

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/53649b85c5a1c379f223fbf3ac206818/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7320511249085752497/gdpr=0

Request Chain 237

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=14210161 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8274292330252133132/gdpr=0/rand=14210161

Request Chain 238

https://c1.adform.net/serving/cookie/match?party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA

Request Chain 239

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0b3pAABUd3hXABU&gdpr=0&gdpr_consent=

Request Chain 240

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 241

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERnZVN0dqZThBQUIyenNZcmJjUQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADFvU7Gje8AAB2zsYrbcQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADFvU7Gje8AAB2zsYrbcQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4277797524658549007 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFvU7Gje8AAB2zsYrbcQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4277797524658549007%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=4277797524658549007&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADFvU7Gje8AAB2zsYrbcQ&pid=558502&do=add HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFvU7Gje8AAB2zsYrbcQ

Request Chain 242

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=

Request Chain 243

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r

Request Chain 245

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=55b2bb9c-4a52-11ed-9767-329a2587c191

Request Chain 247

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-KtNLnI_S1xAM7aW8EK62ZU4mbg

Request Chain 248

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPx7tNZu1OIFqk5&gdpr=0&gdpr_consent=

Request Chain 249

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=698850414500

Request Chain 250

https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=LlCdgc-tp

Request Chain 251

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005&rndcb=1718320118 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=82ae6f57-cf67-4347-a1b7-35b22eb6a653&google_hm=ODJhZTZmNTctY2Y2Ny00MzQ3LWExYjctMzViMjJlYjZhNjUz HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB7WHvPN2Uy__kvEpgmF1Ss&google_cver=1&ssp=adconductor&bsw_param=82ae6f57-cf67-4347-a1b7-35b22eb6a653 HTTP 302
https://sync.1rx.io/usersync/bidswitch/82ae6f57-cf67-4347-a1b7-35b22eb6a653?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005

Request Chain 252

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 253

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=3349f5a2-0e0f-4c1d-8ec2-3cd1cb44b6c5&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=59D92590-354E-4F4D-8B00-51C9447E4FBA

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WdklkDVOT02LAFHJRH5Pug%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 256

https://idsync.rlcdn.com/420486.gif?partner_uid=59D92590-354E-4F4D-8B00-51C9447E4FBA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=3c8dc4ec53069d264f43eff12a4e38203a7b41b925fac95b1a25b853495ab1a5791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzYzhkYzRlYzUzMDY5ZDI2NGY0M2VmZjEyYTRlMzgyMDNhN2I0MWI5MjVmYWM5NWIxYTI1Yjg1MzQ5NWFiMWE1NzkxNDI2YjU0MTdkY2UyMRAAGgwIpO-bmgYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzYzhkYzRlYzUzMDY5ZDI2NGY0M2VmZjEyYTRlMzgyMDNhN2I0MWI5MjVmYWM5NWIxYTI1Yjg1MzQ5NWFiMWE1NzkxNDI2YjU0MTdkY2UyMRAAGgwIpO-bmgYSBAgCEABCAEoA&google_gid=CAESEJmMj-CZna4TQm0F_B91ATk&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=de40ec62-3dd9-489e-9aaa-76c6a665829f

Request Chain 257

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e3e6346-f7a3-4400-98de-74a4ca85ba85

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTlEOTI1OTAtMzU0RS00RjRELThCMDAtNTFDOTQ0N0U0RkJB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFNa8IeY_sqNceGBOeP__3M&google_cver=1

Request Chain 260

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF

Request Chain 261

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 262

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3e5930d9-9ed8-4653-aa55-d261af64125b

Request Chain 264

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bPK3rnpE2uWUB37366lOQa2lKd6veRI-~A&gdpr=0&gdpr_consent=

Request Chain 265

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98161c5f-8fb6-4302-9ae2-c07a3711b4d8&gdpr=0&gdpr_consent=

Request Chain 266

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8274292330252133132&gdpr=0&gdpr_consent=

Request Chain 267

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=18689ff23c1c142a&is_secure=true&networkId=17100&version=1&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHLBD86Kd0wQMCMtlLAAAAAAA&expiration=1665681700&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 269

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=

Request Chain 270

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F7A5F1C6_7905B4F6&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 271

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=82ae6f57-cf67-4347-a1b7-35b22eb6a653 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2750a7d0-905b-47c2-acf6-c0b4544a7891&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 272

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3128883889331652583

Request Chain 281

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7188817001893117966

Request Chain 283

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=emPgJ_a4CGGZxk3qp_dGYw

Request Chain 284

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8cf33822-38bd-4642-8c75-b22c4163d57b-tucta407d27&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 286

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1b8ef0cc-622c-4dd9-9b4a-b80a9d45b654

Request Chain 287

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF

Request Chain 288

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
https://um.simpli.fi/epx

Request Chain 290

https://pixel.onaudience.com/?partner=214&mapped=59D92590-354E-4F4D-8B00-51C9447E4FBA HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=3e5930d9-9ed8-4653-aa55-d261af64125b&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=63888515040b29ab HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=f95661ef-2d90-47d0-7e66-fbc9a1bdab0d&zcluid=63888515040b29ab&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJbDHLMwHkf6srFfUit1THc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=f95661ef-2d90-47d0-7e66-fbc9a1bdab0d&zcluid=63888515040b29ab&zdid=1332

Request Chain 291

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D92590-354E-4F4D-8B00-51C9447E4FBA&addseg=12,35,41

Request Chain 292

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=59D92590-354E-4F4D-8B00-51C9447E4FBA&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=59D92590-354E-4F4D-8B00-51C9447E4FBA&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 294

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8274292330252133132

Request Chain 295

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99b799e9-2ca6-412d-a054-0ec2c24a90c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

299 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
site.crefaz.com.br/ 73 KB
13 KB 705ms
138ms Document
text/html 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 664867dd66ad3ab253d04b78295013a661256585d911b6ce0027cd0e9e0bdb85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 12444
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Oct 2022 17:21:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK bootstrap.css
site.crefaz.com.br/public/site/css/ 188 KB
25 KB 251ms
133ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/css/bootstrap.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:00:07 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25436

GET
H/1.1 200
OK all.css
site.crefaz.com.br/public/_plugins/fontawesome/css/ 68 KB
13 KB 382ms
130ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/fontawesome/css/all.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:17:46 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12745

GET
H/1.1 200
OK owl.carousel.min.css
site.crefaz.com.br/public/_plugins/owlcarousel/assets/ 3 KB
1 KB 380ms
126ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:10:07 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1072

GET
H/1.1 200
OK owl.theme.default.min.css
site.crefaz.com.br/public/_plugins/owlcarousel/assets/ 1018 B
787 B 381ms
127ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 505fff817f37d43899275853aa6d6f4f3644b6abe2c420ad9cd6caab1ef147cb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:10:06 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 483

GET
H/1.1 200
OK aos.css
site.crefaz.com.br/public/_plugins/aos-master/ 25 KB
2 KB 387ms
128ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/aos-master/aos.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:04:06 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2236

GET
H/1.1 200
OK animate.css
site.crefaz.com.br/public/_plugins/animate/ 25 KB
3 KB 389ms
129ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/animate/animate.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:04:06 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2964

GET
H/1.1 200
OK ekko-lightbox.css
site.crefaz.com.br/public/_plugins/ekko-lightbox/ 7 KB
3 KB 388ms
128ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/ekko-lightbox/ekko-lightbox.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:04:07 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2660

GET
H/1.1 200
OK style.css
site.crefaz.com.br/public/site/css/ 25 KB
4 KB 509ms
127ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: dec6ed059e17c28d42fb8a1ed8331a8bf33ef2e4f5da5e685bcd9499570fa558

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Oct 2022 15:09:33 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3741

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 113ms
53ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176320567-1

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab3b48a51fa0095c9e114541d037ed9b9fafe81273146dc654d7038281e5ce79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43478
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 17:21:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 109ms
47ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593761836866080

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4828ec758c63effea6e9715577aa6f42a28978d622c5da8ecb7fdd464a95714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://site.crefaz.com.br/
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54932
x-xss-protection: 0
server: cafe
etag: 17127518195075550082
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 17:21:35 GMT

GET
H/1.1 200
OK logo.png
site.crefaz.com.br/public/site/images/ 27 KB
27 KB 496ms
127ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/logo.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: c2554a95aa2ea2a3cb5e458b06a85efbe323e340cfaf5b09f7786594a80cef10

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Sat, 08 Oct 2022 20:32:52 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 27802

GET
H/1.1 200
OK 0f6102cd69cf8ade9e65402c41eca697.png
site.crefaz.com.br/public/_upload/banners/ 2 MB
2 MB 135ms
134ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/_upload/banners/0f6102cd69cf8ade9e65402c41eca697.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: db239e8fa9839ac396a7d0c95eade99a91c935fe96ef1d079808c49e23b449ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Mon, 03 Oct 2022 21:10:49 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2301514

GET
H/1.1 200
OK 7c0323fc2719bd6b217480fb170c6c74.png
site.crefaz.com.br/public/_upload/banners/ 2 MB
2 MB 134ms
133ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/_upload/banners/7c0323fc2719bd6b217480fb170c6c74.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: dbe72f09a91d311ca2a7a553b9758a1339ad65a31ca84bd303a42dcda826d47d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Wed, 05 Oct 2022 13:47:35 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2124631

GET
H/1.1 200
OK b7240f04d494017e008fd66badb17c4e.jpg
site.crefaz.com.br/public/_upload/banners/ 188 KB
189 KB 130ms
129ms Image
image/jpeg 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/_upload/banners/b7240f04d494017e008fd66badb17c4e.jpg
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: ad11145991e8936d18d8908d4666b783b5a03446148a0b594c14c6d4f33345bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Mon, 10 Oct 2022 13:50:27 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 192874
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK 3d0ed36de70c982f49aa91e31365fccd.png
site.crefaz.com.br/imagem/product/ 8 KB
9 KB 134ms
133ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/imagem/product/3d0ed36de70c982f49aa91e31365fccd.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1c5f791c0e52380d5a9eb3373f416ebdc3d612a341e04474527325b73acb5f59

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK acd13054617dac7677cf8fdd0283c364.png
site.crefaz.com.br/imagem/product/ 3 KB
3 KB 137ms
137ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/imagem/product/acd13054617dac7677cf8fdd0283c364.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 869f11c63d760ad4d6e2c701c3e091e869753489ac8c81e629ee8b3b87d013c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 3080
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 844469cd202b76975573aae6b3414670.png
site.crefaz.com.br/imagem/product/ 14 KB
15 KB 195ms
138ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/imagem/product/844469cd202b76975573aae6b3414670.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 6481774286cd0e449c74982b84b762ab357ffac99839b8ce915453216eaeb73f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK consignado_bn_sm.png
site.crefaz.com.br/public/site/images/ 698 KB
698 KB 702ms
129ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/consignado_bn_sm.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 9968833c18eb01f63a79d31005d04b5135929c900cceafe2ddc3a768ce4e53e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Mon, 31 Aug 2020 20:17:02 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 714703

GET
H/1.1 200
OK 3c103651778b78d978f20eb4ed23e470.png
site.crefaz.com.br/imagem/post_home/ 27 KB
27 KB 605ms
160ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/imagem/post_home/3c103651778b78d978f20eb4ed23e470.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 6cde34c52a4f984caf80c2bbc4083e7bf94a795421870030570f3665c296a6eb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 3e66696b94222afe642cdc6ca1597907.png
site.crefaz.com.br/imagem/post_home/ 92 KB
92 KB 760ms
187ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/imagem/post_home/3e66696b94222afe642cdc6ca1597907.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: f359c23ee53e4d5e0d2a6714f18c26aa6001375eb5022db491c8025e6cf331d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK e52b30282a4b4830bf186f9f35d1bfde.jpg
site.crefaz.com.br/imagem/post_home/ 30 KB
30 KB 654ms
208ms Image
image/jpeg 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/imagem/post_home/e52b30282a4b4830bf186f9f35d1bfde.jpg
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 144250ab3d941df7a0674f8bec925b98c52cab8cbed693ae8a42b09d98b34a05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK w2-min.png
site.crefaz.com.br/public/site/images/widget/ 46 KB
46 KB 571ms
130ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/widget/w2-min.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: c11ac6e82a7872d2d8fc94ccc52b128a64d4ce03911b0382fd4f7053aba4b834

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:20 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 47168

GET
H/1.1 200
OK w1-min.png
site.crefaz.com.br/public/site/images/widget/ 119 KB
120 KB 453ms
127ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/widget/w1-min.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 80249a2f6817dc753bbe9f7608345175b8258c28732d424dc39e32c8b481ee9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:19 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 122220

GET
H/1.1 200
OK texto-empresa.png
site.crefaz.com.br/public/site/images/ 5 KB
5 KB 132ms
132ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/texto-empresa.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: bc20c3741d80467d0868bf4ab3a6bd38e08f833945d45872b4a0357226a0fbc7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:18 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4646

GET
H/1.1 200
OK consultor-feliz-min.png
site.crefaz.com.br/public/site/images/ 35 KB
35 KB 127ms
127ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/consultor-feliz-min.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3514e5a930e7bfe3750cf284c81c92a3e9ae8c6734d203576f791baec8adaef5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:20 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 35464

GET
H/1.1 200
OK crefaz-cc.png
site.crefaz.com.br/public/site/images/ 35 KB
35 KB 130ms
128ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/crefaz-cc.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 89491f6c4eb5fc95c1deb950756db1956fa3b815bf914ae841ab08937d063b48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:26 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 35461

GET
H/1.1 200
OK banco-central.png
site.crefaz.com.br/public/site/images/ 2 KB
2 KB 131ms
131ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/banco-central.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: d013a6de9e987ab26608691e58c0e9a9f879aef05bc72b9fb92b03e28e05004e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:27 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1635

GET
H/1.1 200
OK site-seguro.png
site.crefaz.com.br/public/site/images/ 8 KB
8 KB 133ms
132ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/site-seguro.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: e103e0b2ee95473cac5b4665d9994e04f17ea14e9492d40e31d190b9c4c7ed4c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:26 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 8129

GET
H/1.1 200
OK google-play-min.png
site.crefaz.com.br/public/site/images/ 14 KB
15 KB 134ms
128ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/google-play-min.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0ce29307e2c6f727da0958e18f69890fae42e551944d552f1940bd5fa89233b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:23 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 14822

GET
H/1.1 200
OK play-store-min.png
site.crefaz.com.br/public/site/images/ 22 KB
22 KB 128ms
127ms Image
image/png 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site.crefaz.com.br/public/site/images/play-store-min.png
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: f69f152ea4d7cc6732614a2d022898ff0226b38a1e42396eb86c946d59c46457

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:16 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 22433

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 77ms
31ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee6ef188662ab76c29c720cab899af19bad8153a9c86d548d90b3fa46886fc9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 18:12:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 437
etag: W/"630d0191-2142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5O5316ir53u5bd2Z%2BzBaICoulSLx2T%2BHJa6oYaMzjGFC%2FHRe4B7I80tibYFei3VUo7vwVO94QTE7dgCNrPNoIU4oRt3536%2FrSyTGTKffs4NgOg3EypDnSAvZXv%2BXEJUmypGxTsT9"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 759183477deeecfa-YUL
expires: Thu, 13 Oct 2022 17:14:18 GMT

GET
H2 200 jquery-3.4.1.js Show response
code.jquery.com/ 274 KB
81 KB 105ms
34ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:35 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-4472c"
vary: Accept-Encoding
x-hw: 1665595295.dop050.dc2.t,1665595295.cds080.dc2.hn,1665595295.cds093.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82889

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
993 B 99ms
40ms Script
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90a819d1bcd53371315ffe59df7224a76e07f597c721fbf84876c07965c82a9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 17:21:35 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 57ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4228859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27f6mRz0nzvWjk32zVdowvjZzOklA2ky1DOzIB9hBhqNLVYP8y3R8zaQe69KFa0VRh1W%2BbX8w1ev07uMviNKwxW15BrN0LNxXfa2x7H%2BOLbBu3PH3Ma3Bj%2Fua33x0bviUhJqz8B3ACs6O4%2BxqZz06ymF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7591834729467157-YUL
expires: Mon, 02 Oct 2023 17:21:35 GMT

GET
H/1.1 200
OK sweetalert.min.js Show response
site.crefaz.com.br/public/_plugins/sweetalert/ 40 KB
12 KB 131ms
129ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/sweetalert/sweetalert.min.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: c0f91855a9bf8845ff8bb9d54ca750789fcb5ecf954cfd76ef0296b74f5d4d11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:10:09 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11864

GET
H/1.1 200
OK bootstrap.min.js Show response
site.crefaz.com.br/public/site/js/ 57 KB
15 KB 141ms
134ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/js/bootstrap.min.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:04:04 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15437

GET
H/1.1 200
OK owl.carousel.js Show response
site.crefaz.com.br/public/_plugins/owlcarousel/ 91 KB
20 KB 144ms
137ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/owlcarousel/owl.carousel.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:10:08 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20223

GET
H/1.1 200
OK jquery-angled-border.min.js Show response
site.crefaz.com.br/public/_plugins/angled-border/ 890 B
814 B 140ms
133ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/angled-border/jquery-angled-border.min.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3b3a15a8665a14baf283938a12b3286e43bd7e83d73d0ce3b5ab8a65d0baa2da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:10:16 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 497

GET
H/1.1 200
OK aos.js Show response
site.crefaz.com.br/public/_plugins/aos-master/ 14 KB
5 KB 139ms
132ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/aos-master/aos.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:04:06 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4503

GET
H/1.1 200
OK ekko-lightbox.js Show response
site.crefaz.com.br/public/_plugins/ekko-lightbox/ 25 KB
7 KB 134ms
127ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/ekko-lightbox/ekko-lightbox.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3a08c09f7004688e621be6b48769b2a4d3eb84256805d88ebda95ac33e6f1068

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:04:07 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6740

GET
H/1.1 200
OK jquery.mask.min.js Show response
site.crefaz.com.br/public/_plugins/jquery_mask/ 5 KB
2 KB 496ms
130ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/jquery_mask/jquery.mask.min.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 15:10:16 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2158

GET
H/1.1 200
OK custom.js Show response
site.crefaz.com.br/public/site/js/ 11 KB
2 KB 132ms
132ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/js/custom.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3618f6d58cb26b817eac329bed1320ff09d669ebfcbc0152e052d7596de1255e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Nov 2021 18:18:55 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1988

GET
H/1.1 200
OK cookieconsent.min.css
site.crefaz.com.br/public/site/css/ 4 KB
1 KB 136ms
135ms Stylesheet
text/css 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/css/cookieconsent.min.css
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 13:11:19 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1182

GET
H/1.1 200
OK cookieconsent.min.js Show response
site.crefaz.com.br/public/site/js/ 19 KB
7 KB 130ms
130ms Script
application/javascript 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/js/cookieconsent.min.js
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 6f60a9fccc28f3949fb5c1c4ecad4fe0cfe3971840c8300d29e9cfa20b0964cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 13:15:11 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6515

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 75ms
17ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Oct 2022 17:21:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26852
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mqDEJpQhFXRG8uYz6uPwTCFePEz274deHoE/QDfiuUeV2lzn/+m4DLSrXeJW5/rXGgi9CvD/lrQJ4uHSdjvXhg==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
site.crefaz.com.br/public/_plugins/fontawesome/webfonts/ 74 KB
74 KB 249ms
128ms Font
application/octet-stream 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/public/_plugins/fontawesome/css/all.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://site.crefaz.com.br/public/_plugins/fontawesome/css/all.css
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:17:51 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 75440
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Anteb-Regular.ttf
site.crefaz.com.br/public/site/fonts/ 150 KB
150 KB 263ms
126ms Font
application/font-sfnt 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/fonts/Anteb-Regular.ttf
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 62e9d700a9082a651ffa0c9a5e8dc43b7877049d2b66573be2195497ac1fa477

Request headers

Referer: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:10 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 153304

GET
H2 200 loader_36.js Show response
cdn.bitrix24.com.br/b13998917/crm/form/ 4 KB
2 KB 560ms
261ms Script
application/javascript 54.232.190.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitrix24.com.br/b13998917/crm/form/loader_36.js?9253307
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.232.190.40 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-232-190-40.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8ae72c845b5c6499279e87cd189cba9263e397b753a6bb5fe21b7b058f7bcaff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 13:44:33 GMT
server: nginx
etag: W/"b3221ba937b47574ccba4860cf1f1c84"
content-type: application/javascript
cache-control: max-age=2592000
x-bitrix-lb: lb-sa
server-timing: t1;dur=0.129, t2;dur=0.129, t3;dur=0.000, tc1;dur=131000, tc2;dur=12000, tc3;dur=8
expires: Fri, 11 Nov 2022 17:21:36 GMT

GET
H/1.1 200
OK Anteb-Light.ttf
site.crefaz.com.br/public/site/fonts/ 143 KB
143 KB 232ms
130ms Font
application/font-sfnt 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/fonts/Anteb-Light.ttf
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: efca06dea03245a162c8c18772260ce4a497562aa3dd18c0013b99ae865cde8b

Request headers

Referer: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:11 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 146588

GET
H/1.1 200
OK fa-brands-400.woff2
site.crefaz.com.br/public/_plugins/fontawesome/webfonts/ 73 KB
73 KB 233ms
131ms Font
application/octet-stream 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/_plugins/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/public/_plugins/fontawesome/css/all.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

Referer: https://site.crefaz.com.br/public/_plugins/fontawesome/css/all.css
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:17:50 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 74508
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Anteb-Black.otf
site.crefaz.com.br/public/site/fonts/ 57 KB
57 KB 348ms
128ms Font
application/font-sfnt 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/fonts/Anteb-Black.otf
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: dc6eccd8948d95d96d58b20b3bc73b6ae6eb3f5b72291bc89d7e832d5756bc91

Request headers

Referer: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:15 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 58028

GET
H/1.1 200
OK Anteb-ExtraBlack.otf
site.crefaz.com.br/public/site/fonts/ 57 KB
57 KB 350ms
129ms Font
application/font-sfnt 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/public/site/fonts/Anteb-ExtraBlack.otf
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 7077a374fc09bd4d82f0c7c6ec9df535ec55adb2620b6033b4ae5e0da218cee7

Request headers

Referer: https://site.crefaz.com.br/public/site/css/style.css?v=f7be40964512936bb1cbf2146d51539d
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Last-Modified: Tue, 21 Jul 2020 15:00:12 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 57908

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
9 KB 322ms
103ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac4825575e4b725108ed6e82ef04ea3a60ff7ee97280f4a09e61192810d832df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
X-T: 0.641
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Wed, 12 Oct 2022 17:21:35 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 392 KB
157 KB 71ms
21ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://site.crefaz.com.br/
Origin: https://site.crefaz.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
125 KB 113ms
68ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593761836866080

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ade7199cfea494eec26ab3a8a57a55165c853af99da82ac1b864e63a7ee0a473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127503
x-xss-protection: 0
server: cafe
etag: 7206401475504257190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 17:21:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/ Frame 357E 10 KB
5 KB 80ms
18ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593761836866080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 71392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 21:31:44 GMT
etag: 9671129459699598864
expires: Tue, 25 Oct 2022 21:31:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 50ms
49ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MZJPDFCDG4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176320567-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8bec5771ad67efd82ca2d22b0543ffe210aa2533cc2c792f015d53729372cc28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75482
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 17:21:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
18ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176320567-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 17:02:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1156
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 12 Oct 2022 19:02:20 GMT

GET
H3 200 141549590735079 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 90ms
62ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/141549590735079?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

055e578a53d9f5a28f795669cc5debafbd18b9299bf76c763f4effa12c3a0c16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Oct 2022 17:21:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qFbV+8+kbM53zXUfT3o7TfCx85YRFtihqGxVFUuNSMpiTPx7cQ+nPZwRUxKZVPLH8f3l+oAvyw4VGOVKTeSxiw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 93ms
33ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MZJPDFCDG4&gtm=2oeaa0&_p=59723141&_gaz=1&cid=976293219.1665595296&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665595296&sct=1&seg=0&dl=https%3A%2F%2Fsite.crefaz.com.br%2F&dt=Crefaz%20-%20Financiamentos%20e%20Investimentos&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZJPDFCDG4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site.crefaz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 107ms
31ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MZJPDFCDG4&cid=976293219.1665595296&gtm=2oeaa0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZJPDFCDG4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site.crefaz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 110ms
37ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MZJPDFCDG4&cid=976293219.1665595296&gtm=2oeaa0&aip=1&z=431592768

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
34ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=59723141&t=pageview&_s=1&dl=https%3A%2F%2Fsite.crefaz.com.br%2F&ul=en-us&de=UTF-8&dt=Crefaz%20-%20Financiamentos%20e%20Investimentos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1536588822&gjid=1943371043&cid=976293219.1665595296&tid=UA-176320567-1&_gid=813280549.1665595296&_r=1&gtm=2ouaa0&z=375464024

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://site.crefaz.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site.crefaz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
701 B 92ms
41ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=site.crefaz.com.br&callback=_gfp_s_&client=ca-pub-6593761836866080&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1d2dba5edbc20671a6779e8565388793fe281768e04dc36d59a907127b4cba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 120ms
40ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=site.crefaz.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 106ms
40ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=site.crefaz.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECF0 603 B
67 B 101ms
50ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593761836866080&output=html&adk=1812271804&adf=3025194257&lmt=1665595296&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsite.crefaz.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665595296025&bpp=6&bdt=714&idt=309&shv=r20221010&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6515394352200&frm=20&pv=2&ga_vid=976293219.1665595296&ga_sid=1665595296&ga_hid=59723141&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531706%2C31069178%2C31070291%2C44773746%2C31067826&oid=2&pvsid=1541219906748436&tmod=1682398817&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=379

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 84ms
33ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-176320567-1&cid=976293219.1665595296&jid=1536588822&gjid=1943371043&_gid=813280549.1665595296&_u=YADAAUAAAAAAACAAI~&z=91612762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://site.crefaz.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Oct 2022 17:21:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site.crefaz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 70ms
18ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141549590735079&ev=PageView&dl=https%3A%2F%2Fsite.crefaz.com.br%2F&rl=&if=false&ts=1665595296445&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665595296443.1258706247&it=1665595296100&coo=false&rqm=GET

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Oct 2022 17:21:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame AA71 1 KB
750 B 302ms
102ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A0166559529668EDBB65A4077AE425
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b4a06c28ba3e48956f7f427cd4cafc7e34e6c2b97f918dc5ed1b1f4878c91ed2

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Oct 2022 17:21:36 GMT
Expires: Wed, 12 Oct 2022 17:21:35 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 75ms
20ms Script
text/javascript 18.164.124.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding: gzip
via: 1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
date: Wed, 12 Oct 2022 12:01:01 GMT
last-modified: Thu, 25 Aug 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 19236
etag: W/"c722c8e06c3a9be75b009576c49f7792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: YTENaYHzVciOROSV_bCRJoownLvH_l7I900yYpmQoGZohC-dRAOx8Q==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 188ms
47ms Script
application/javascript 3.136.124.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.136.124.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-136-124-95.us-east-2.compute.amazonaws.com

Software

Resource Hash

161ecd6fd57fcb3b90b9d6dd278f9ee0ec8b54e826ff303a897003e9b735ffd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 308ms
101ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=site.crefaz.com.br&_ss=34tyz6aoju&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=4522&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b4f35e74abd99327074cd14cd3d8b762077b214d1149d8f08128117593ba1e81

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
X-T: 0.164
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Wed, 12 Oct 2022 17:21:35 GMT

GET
H2 200 app.js Show response
cdn.bitrix24.com.br/b13998917/crm/form/ 59 KB
19 KB 390ms
390ms Script
application/javascript 54.232.190.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitrix24.com.br/b13998917/crm/form/app.js?19277
Requested by: Host: cdn.bitrix24.com.br
URL: https://cdn.bitrix24.com.br/b13998917/crm/form/loader_36.js?9253307
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.232.190.40 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-232-190-40.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ab94a17042d33ca880f6ab7c69c351c3a61fc7cdd7a69a8119a18b9e5d630696

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 21:04:18 GMT
server: nginx
etag: W/"dd44e29844df1520f9d8e7be8e933fc1"
content-type: application/javascript
cache-control: max-age=2592000
x-bitrix-lb: lb-sa
server-timing: t1;dur=0.125, t2;dur=0.126, t3;dur=0.000, tc1;dur=131000, tc2;dur=3000, tc3;dur=9
expires: Fri, 11 Nov 2022 17:21:36 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
942 B 151ms
48ms Fetch
application/json 99.84.119.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-117.ewr52.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
via: 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront), 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3, EWR52-C3
x-amzn-requestid: 41d69bc0-4af2-4469-ab56-877c072c4264
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Z5uhJH_DCYcFZ2A=
content-length: 535
x-amz-cf-id: l-D-2BoiWVpbjKC62U9yIVhBF_qf1GHppCOqME1YIiD4Zn7Z3tViUQ==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 122ms
21ms Script
application/javascript 23.192.50.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7915138337296346&stid=ZHwAA2NG96AAAAAJHTKaAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.50.25 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-50-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

9d885c0f8004af3a49f5dabd6ec055095b6bfff710d5dabc88d21b8816f13384

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1362
Expires: Wed, 12 Oct 2022 18:21:36 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 37ms
37ms Image
image/gif 3.136.124.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsite.crefaz.com.br%2F&event_source=dtscout&rnd=0.7915138337296346&exptid=ZHwAA2NG96AAAAAJHTKaAw%3D%3D&fcmp=false

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.136.124.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-136-124-95.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
183 B 109ms
56ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=w1io2s93fs&t=Crefaz%20-%20Financiamentos%20e%20Investimentos&c=s&x=https%3A%2F%2Fsite.crefaz.com.br%2F&y=&a=0&d=2.122&v=27&r=2019
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f7ee71569e4a1e4bc39d3516786f0f662a89bc3732260405f608fcb44cce011

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7591834ce9a4713c-YUL
content-type: text/javascript;charset=UTF-8

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FC66 43 KB
23 KB 148ms
88ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=baw4nc8u08qz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bee93474553372fbffcb8f0540484dc3128ce35916149a262662d4b6695562c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nn5e3ze9g5a2lkWN35rRCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23119
content-security-policy: script-src 'report-sample' 'nonce-nn5e3ze9g5a2lkWN35rRCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 95B3 43 KB
23 KB 150ms
97ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3441a7abe717dfbaabf6d203bf0008304c79cbf4cd522a759f079e8bbcbf4409

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k3mgZ_GKWdaZGvR1690SOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23197
content-security-policy: script-src 'report-sample' 'nonce-k3mgZ_GKWdaZGvR1690SOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 392E 43 KB
22 KB 117ms
68ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

144033a122bb4e6718fdfe3bdf0681bae01eecb10adee97b60f82b07782fbb37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C13vk75uYIWWLfI61UgCuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22960
content-security-policy: script-src 'report-sample' 'nonce-C13vk75uYIWWLfI61UgCuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D951 43 KB
23 KB 96ms
52ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efee2450affa4241e2011810ad188ff037a977fe212e8698980a914ecd0d0e81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5mNm_qfoFN_K76Fn3ShHpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23116
content-security-policy: script-src 'report-sample' 'nonce-5mNm_qfoFN_K76Fn3ShHpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0AFF 43 KB
23 KB 93ms
56ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1fdfeb12aa655587de00e291c7d150cddae83f70b70bcaf4b09f1934ee1ce101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SAHA_WNLF8AuqBlFdnzBUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23091
content-security-policy: script-src 'report-sample' 'nonce-SAHA_WNLF8AuqBlFdnzBUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK uf Show response
site.crefaz.com.br/regiao/ 1 KB
2 KB 185ms
130ms XHR
application/json 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/regiao/uf
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 9a3ea25af9b6e70d61287ebbd186c5f43ddc41206fdfc25bfca2a96771673265

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://site.crefaz.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:36 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 1462
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame D951 52 KB
24 KB 79ms
22ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=966yjya59z7k

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame D951 392 KB
156 KB 109ms
52ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 0AFF 52 KB
24 KB 60ms
28ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 0AFF 392 KB
156 KB 50ms
21ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 392E 52 KB
24 KB 38ms
36ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 392E 392 KB
156 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 7805 2 KB
1 KB 22ms
19ms Document
text/html 23.192.50.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7915138337296346&stid=ZHwAA2NG96AAAAAJHTKaAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.50.25 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-50-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Wed, 12 Oct 2022 17:21:36 GMT
Expires: Wed, 19 Oct 2022 17:21:36 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame FC66 52 KB
24 KB 22ms
21ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame FC66 392 KB
156 KB 37ms
36ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 95B3 52 KB
24 KB 24ms
22ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 95B3 392 KB
156 KB 35ms
32ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 147ms
43ms Script
application/javascript 104.18.19.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
server: cloudflare
age: 181416
etag: W/"62d96959-4599"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7591834f482fa216-YYZ
expires: Sat, 15 Oct 2022 17:21:37 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 51 KB
16 KB 451ms
47ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fca354380eb0e64845aeafe51483741f9613dc02e12c9d320f8d767ef4a66708

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 02:40:17 GMT
content-encoding: gzip
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 19:27:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 52881
x-amz-server-side-encryption: AES256
etag: W/"8aa090b6c862733b7202647b1489d27d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: vuF7PG6n3bccEVbaQlV9urApUBP_6psT0QqrZBHzThcg8GE11-Z5vw==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 112ms
26ms Script
application/javascript 45.55.120.93
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0166559529668EDBB65A4077AE425&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fsite.crefaz.com.br%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: application/javascript; charset=UTF-8
Date: Wed, 12 Oct 2022 17:29:11 GMT
X-T: 0.99
Cache-Control: no-cache
x-server: web13.ny1.dtscdn.com
Transfer-Encoding: chunked
Expires: Wed, 12 Oct 2022 17:29:10 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
591 B 385ms
45ms XHR
application/json 2606:4700:e0::ac40:6a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=51A0166559529668EDBB65A4077AE425
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a314118acf197b6c359ed5dfed4ebe0727d7b9ff3b2a8c3559fe6e3ddfb702

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: cache
date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IsxL1jngolkpcqcHidrwCAsQw4oPHby%2FdMn0YCPd4bc3utY7e8xtA76NVrwfTKsrJolpEjuWN%2BCPNt%2B4iVN%2FEMv%2B6QNiuG9eIu5lpk5kvnW5T3KO9Tiv7MX73N134mBgbVFIzzDlaHrmEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://site.crefaz.com.br
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 7591835129ca1768-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Oct 2022 19:21:37 GMT

GET
H2

200

5386
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A0166559529668EDBB65A4077AE425
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0692f68dd70f498f7f92631d848253f2&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=63888515040b29ab/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=63888515040b29ab/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=53649b85c5a1c379f223fbf3ac206818&gdpr=0
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=a209b2d67f8673d7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

62 B
356 B

107ms
107ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 12 Oct 2022 17:21:39 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 221

GET
H/1.1 200
OK / Show response
site.crefaz.com.br/regiao/cidade/ 0
481 B 134ms
131ms XHR
text/html 200.95.188.69
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://site.crefaz.com.br/regiao/cidade/
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.95.188.69 Rio de Janeiro, Brazil, ASN26592 (EQUINIX BRASIL, BR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://site.crefaz.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge,chrome=1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:37 GMT
Server: Apache/2.4.25 (Debian)
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 136C 0
18 B 46ms
18ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://site.crefaz.com.br
Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://site.crefaz.com.br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 6 KB
2 KB 116ms
22ms Script
text/javascript 108.139.29.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-7.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78009d649db9f062dc6e568dd4f35e634440b36534d063f788f465af1f3397d9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: qV9NCsYZSqBrcH4UHbD8Pmp65zU2fPAA
content-encoding: gzip
via: 1.1 baec235d174153a8f2e92ea724643824.cloudfront.net (CloudFront)
date: Wed, 12 Oct 2022 16:40:08 GMT
last-modified: Thu, 25 Aug 2022 05:23:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2490
etag: W/"c0cf56fa6d8f9665d6e8f16542e3ba9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: goQIIIW3AcSsr0SX39uchZ4mwiGkxDOZV02SfHItDw_3lL-7SXw0Jg==

GET
H2 200 app.bundle.min.css
crefaz.bitrix24.com.br/bitrix/js/crm/site/form/dist/ 70 KB
16 KB 320ms
307ms Stylesheet
text/css 54.232.190.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://crefaz.bitrix24.com.br/bitrix/js/crm/site/form/dist/app.bundle.min.css?19277

Requested by

Host: cdn.bitrix24.com.br
URL: https://cdn.bitrix24.com.br/b13998917/crm/form/app.js?19277

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.232.190.40 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-232-190-40.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

608a5bab291239d703eb2d84f60e40565aef3ee7219b48ab0f668a0821e5a62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 03 Aug 2022 14:45:36 GMT
server: nginx
content-encoding: gzip
etag: W/"62ea8a10-1177e"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-bitrix-lb: lb-sa
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=131125, tc2;dur=1250, tc3;dur=5
x-bitrix-ri: c51ec74bbf61e3284a9747da8c1d77f4
expires: Fri, 11 Nov 2022 14:28:55 GMT

GET
H2 200 app.bundle.min.js Show response
crefaz.bitrix24.com.br/bitrix/js/crm/site/form/dist/ 288 KB
96 KB 406ms
395ms Script
application/x-javascript 54.232.190.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://crefaz.bitrix24.com.br/bitrix/js/crm/site/form/dist/app.bundle.min.js?19277

Requested by

Host: cdn.bitrix24.com.br
URL: https://cdn.bitrix24.com.br/b13998917/crm/form/app.js?19277

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.232.190.40 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-232-190-40.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cfc0f5dc4176226e318f7096353fbd790d9046c3c78c6de1aa2890079c88d97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 09:17:21 GMT
server: nginx
content-encoding: gzip
etag: W/"6311ca21-48089"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=2592000
x-bitrix-lb: lb-sa
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=131125, tc2;dur=1250, tc3;dur=5
x-bitrix-ri: 02b4c161dfd46e4db76017369c2ead95
expires: Fri, 11 Nov 2022 14:28:38 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1065.23347/a/CA/ Frame 9251 20 KB
9 KB 31ms
30ms Script
text/javascript 23.192.50.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1065.23347/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.50.25 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-50-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8748
Expires: Wed, 19 Oct 2022 17:21:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D951 102 B
134 B 40ms
39ms Other
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e86250780a5aa52bcbceec8988230c96440f6f61d0681a0cdd72446bcc0d96e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=966yjya59z7k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 17:21:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0AFF 102 B
134 B 42ms
41ms Other
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e86250780a5aa52bcbceec8988230c96440f6f61d0681a0cdd72446bcc0d96e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=mbklwjuovdvh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 17:21:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 392E 102 B
134 B 39ms
38ms Other
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e86250780a5aa52bcbceec8988230c96440f6f61d0681a0cdd72446bcc0d96e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=4z2tucjw3j90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 17:21:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FC66 102 B
134 B 39ms
38ms Other
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e86250780a5aa52bcbceec8988230c96440f6f61d0681a0cdd72446bcc0d96e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=baw4nc8u08qz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 17:21:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 95B3 102 B
134 B 53ms
52ms Other
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e86250780a5aa52bcbceec8988230c96440f6f61d0681a0cdd72446bcc0d96e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v&co=aHR0cHM6Ly9zaXRlLmNyZWZhei5jb20uYnI6NDQz&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=rp5jd86zd9p7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 17:21:37 GMT

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
466 B

77ms
25ms

Fetch
application/json

63.251.114.182
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 72f622f837cd8245cb52142b229894d797a781ee2797672806fc486b6b66e4d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://site.crefaz.com.br
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://site.crefaz.com.br
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 p
ic.tynt.com/b/ 35 B
581 B 128ms
41ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!w1io2s93fs&lm=0&ts=1665595298162&dn=TC&iso=0&img=https%3A%2F%2Fsite.crefaz.com.br%2Fpublic%2Fsite%2Fimages%2Fdestaque-banner.png&ct=Financiamentos%20e%20Investimentos&t=Crefaz%20-%20Financiamentos%20e%20Investimentos&cu=https%3A%2F%2Fsite.crefaz.com.br%2F
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:38 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame E080 438 B
675 B 38ms
37ms Script
application/javascript 3.136.124.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.136.124.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-136-124-95.us-east-2.compute.amazonaws.com

Software

Resource Hash

9851f295477d310f11cfcadd7d95aa3e6b4f31139d38fa5a7327bb1a04e3fd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 9251
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

42 B
297 B

166ms
46ms

Image
image/gif

3.134.32.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Server

3.134.32.50 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-134-32-50.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHwAA2NG96AAAAAJHTKaAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 9251
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=f4161dc54b8ae364269f4a38120c5681

42 B
297 B

202ms
36ms

Image
image/gif

3.134.32.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=f4161dc54b8ae364269f4a38120c5681

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Server

3.134.32.50 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-134-32-50.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHwAA2NG96AAAAAJHTKaAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Wed, 12 Oct 2022 17:21:38 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=f4161dc54b8ae364269f4a38120c5681
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 9251
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2Pn1ZfEddsLCyonAJfw9t09ni6BuoxZ26vOFGQ_k1d2U&gdpr=0&gdpr_consent=

42 B
297 B

164ms
46ms

Image
image/gif

3.134.32.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2Pn1ZfEddsLCyonAJfw9t09ni6BuoxZ26vOFGQ_k1d2U&gdpr=0&gdpr_consent=

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Server

3.134.32.50 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-134-32-50.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHwAA2NG96AAAAAJHTKaAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2Pn1ZfEddsLCyonAJfw9t09ni6BuoxZ26vOFGQ_k1d2U&gdpr=0&gdpr_consent=
Date: Wed, 12 Oct 2022 17:21:38 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3

200

csync.ashx
ml314.com/ Frame 9251
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHwAA2NG96AAAAAJHTKaAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3630704673834926100
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDcwNDY3MzgzNDkyNjEwMBAAGg0Iou-bmgYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=6fd0e4bb6616a9e74de5d0345a6c9cc76c66e53f9838affc99e78e7a4ab698aaf4cb09cee1a4f8eb&person_id=3630704673834926100&eid=50082

43 B
60 B

54ms
30ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6fd0e4bb6616a9e74de5d0345a6c9cc76c66e53f9838affc99e78e7a4ab698aaf4cb09cee1a4f8eb&person_id=3630704673834926100&eid=50082
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:38 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 13 Oct 2022 13:21:39 GMT

Redirect headers

date: Wed, 12 Oct 2022 17:21:38 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=6fd0e4bb6616a9e74de5d0345a6c9cc76c66e53f9838affc99e78e7a4ab698aaf4cb09cee1a4f8eb&person_id=3630704673834926100&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 9251
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHwAA2NG96AAAAAJHTKaAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

166ms
46ms

Image
image/gif

3.134.32.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Server

3.134.32.50 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-134-32-50.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHwAA2NG96AAAAAJHTKaAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Wed, 12 Oct 2022 17:21:38 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 2 KB
3 KB 110ms
34ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!w1io2s93fs&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 0517819f0901d9fc23641bc20f4e2803281384dbc630010cc51461d5accbcc07

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Wed, 12 Oct 2022 17:21:38 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 2368
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9CD1 7 KB
1 KB 42ms
41ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47b69299fcdc714a44c75167a15c62f244f2cc7983a63ba14e280fcf42a8900e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bhE8owJETO1t1qLbEifojQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-bhE8owJETO1t1qLbEifojQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 310B 7 KB
1 KB 41ms
40ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5d0f05d3285489d0eb6c6e381f3f9acf3092b5af1eb828a3119216a9b16189e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T5d8Q3-ZAiEeglT2tWdawA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-T5d8Q3-ZAiEeglT2tWdawA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D069 7 KB
1 KB 41ms
40ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b431f3de5278d3a68afb8199755ffa976125e150b5d873dc1e69a6d8e4c1af7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3uF2C4tQK-beX44s1_yDHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-3uF2C4tQK-beX44s1_yDHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8D7D 7 KB
1 KB 42ms
41ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96005966e305fb5a2e97fcdc373d73c8259c12374a6fc4e0cda3095fa8a742df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MS7369gSHrFJKqhWlcgBBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-MS7369gSHrFJKqhWlcgBBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 54C9 7 KB
1 KB 47ms
45ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b88b79c11133b62028e896587f9beaab3a317d2f47a16025d89c267456668961

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oqHUlA8uzhoyo0_SrexeEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-oqHUlA8uzhoyo0_SrexeEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=59723141&t=event&_s=2&dl=https%3A%2F%2Fsite.crefaz.com.br%2F&ul=en-us&de=UTF-8&dt=Crefaz%20-%20Financiamentos%20e%20Investimentos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Preenchimento%20do%20formul%C3%A1rio%20%22QUER%20CONTRATAR%20UM%20EMPR%C3%89STIMO%3F%22%2C%20%2336&ea=Visualiza%C3%A7%C3%A3o%20do%20formul%C3%A1rio%20%2336&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=976293219.1665595296&tid=UA-176320567-1&_gid=813280549.1665595296&gtm=2ouaa0&z=1874541699

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 05:02:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=59723141&t=pageview&_s=3&dl=https%3A%2F%2Fsite.crefaz.com.br%2F&dp=B24_36_VIEW.html&ul=en-us&de=UTF-8&dt=Crefaz%20-%20Financiamentos%20e%20Investimentos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=976293219.1665595296&tid=UA-176320567-1&_gid=813280549.1665595296&gtm=2ouaa0&z=1587859299

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 05:02:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 9CD1 52 KB
24 KB 27ms
26ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 9CD1 392 KB
156 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 310B 52 KB
24 KB 27ms
19ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 310B 392 KB
156 KB 30ms
23ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame D069 52 KB
24 KB 30ms
24ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame D069 392 KB
156 KB 37ms
30ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 8D7D 52 KB
24 KB 29ms
21ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 8D7D 392 KB
156 KB 30ms
22ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 54C9 52 KB
24 KB 32ms
31ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:58:59 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 54C9 392 KB
156 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Led8bgUAAAAAP4rGDKk7P86YLxNSS4DU_GXep3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:59:46 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame E080 51 KB
16 KB 156ms
44ms Script
application/javascript 104.97.114.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.97.114.133 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-97-114-133.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 12 Oct 2022 17:21:38 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Wed, 19 Oct 2022 17:21:38 GMT

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 796E 0
0 135ms
28ms Document
text/plain 108.139.29.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65801
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-24.jfk50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Wed, 12 Oct 2022 17:21:38 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 33aae203c47fd9e0f18a8f3f6d37fbfc.cloudfront.net (CloudFront)
x-amz-cf-id: V5NJxzzJLNY8ylcPNyW57tPPYYnTFW6k0GHNbTBM1ZJe08Q1VWxm7w==
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=94426
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=94426&_li_chk=true&previous_uuid=4c5501ce7815404eb6d4cc9a9fe162f8
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=94426&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq

43 B
436 B

80ms
25ms

Image
image/gif

2600:1f18:ed:550a:18eb:75ae:dc51:d648
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&rnd=94426&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:18eb:75ae:dc51:d648 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:39 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&rnd=94426&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq
Date: Wed, 12 Oct 2022 17:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FeDxfSZH8tW68m2ZSEGrvTGq&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FeDxfSZH8tW68m2ZSEGrvTGq&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://ce.lijit.com/merge?pid=5014&3pid=bdb73cb7fa1d2d997631c0cad4683fc3

43 B
999 B

25ms
25ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=bdb73cb7fa1d2d997631c0cad4683fc3
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=5014&3pid=bdb73cb7fa1d2d997631c0cad4683fc3
date: Wed, 12 Oct 2022 17:21:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7591835b7fd9f99d-YYZ
content-length: 0
p3p: CP='NON DSP COR CONi OUR BUS CNT'

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=58164
https://ce.lijit.com/merge?pid=2&3pid=1C00CAD18F904BA79B8E5F327C0866BF

43 B
679 B

89ms
25ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=1C00CAD18F904BA79B8E5F327C0866BF
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 17:21:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=1C00CAD18F904BA79B8E5F327C0866BF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 11 Oct 2022 17:21:38 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=71802
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FeDxfSZH8tW68m2ZSEGrvTGq&rnd=71802&_li_chk=true&previous_uuid=dabe74e5b0d24c54a6015f83ffd097f6
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=4c5501ce-7815-404e-b6d4-cc9a9fe162f8&liid=&_ct=im
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=2623deb45a5f3350d84876bf90306ec0
https://x.bidswitch.net/sync?dsp_id=42&user_id=
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

43 B
510 B

44ms
44ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date: Wed, 12 Oct 2022 17:21:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B5C0 85 B
481 B 21ms
19ms Document
text/html 18.164.124.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 727572
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 04 Oct 2022 07:15:26 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
x-amz-cf-id: eeveg5Z4rjdlqLOJ22l4lBoZxAqHNfN6LiBkt-50SuGazawkzg1NTQ==
x-amz-cf-pop: JFK50-P7
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame E930
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1665595298458.5&r=true
https://tags.bluekai.com/site/27519?id=212002981022435&ret=html&random=1665595299

71 B
561 B

105ms
104ms

Document
text/html

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212002981022435&ret=html&random=1665595299
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!w1io2s93fs&dn=TC&cc=1&r=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

bk-server: 57cb
content-length: 71
content-type: text/html
date: Wed, 12 Oct 2022 17:21:39 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Wed, 12 Oct 2022 17:21:38 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212002981022435&ret=html&random=1665595299
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 400000000040080C

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame B463 343 B
458 B 124ms
26ms Document
text/html 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!w1io2s93fs&dn=TC&cc=1&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 95483
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 7591835ab980a246-YYZ
content-encoding: gzip
content-type: text/html
date: Wed, 12 Oct 2022 17:21:39 GMT
etag: W/"62d96946-157"
expires: Sat, 15 Oct 2022 17:21:39 GMT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

push
ws.rqtrk.eu/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&cb=1665595298458.1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e09figb&ttd_tpi=1
https://ws.rqtrk.eu/push?pid=6109d77d-65b6-4ad2-ab8c-7cb7994fb314&dmp=ttdw&uid=3e5930d9-9ed8-4653-aa55-d261af64125b

43 B
302 B

13ms
12ms

Image
image/gif

15.235.42.104
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.rqtrk.eu/push?pid=6109d77d-65b6-4ad2-ab8c-7cb7994fb314&dmp=ttdw&uid=3e5930d9-9ed8-4653-aa55-d261af64125b
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Server: 15.235.42.104 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-003.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 2
content-length: 43
expires: Wed, 12 Oct 2022 17:21:38 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ws.rqtrk.eu/push?pid=6109d77d-65b6-4ad2-ab8c-7cb7994fb314&dmp=ttdw&uid=3e5930d9-9ed8-4653-aa55-d261af64125b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 261

GET
H2

204

3e5930d9-9ed8-4653-aa55-d261af64125b
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&ts=1665595298458.2
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6346f7a3c2d1f500013392fd%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6346f7a3c2d1f500013392fd%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%25...
https://map.go.affec.tv/map/an/8274292330252133132?ch=6346f7a3c2d1f500013392fd&chc=tt&gdpr=&gdpr_consent=&redirect_url=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=6346f7a3c2d1f500013392fd&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url=
https://map.go.affec.tv/map/ttd/3e5930d9-9ed8-4653-aa55-d261af64125b?ttd_puid=&gdpr=0&gdpr_consent=

0
563 B

27ms
25ms

Image
text/plain

34.232.121.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/3e5930d9-9ed8-4653-aa55-d261af64125b?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Server: 34.232.121.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-121-75.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:39 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://map.go.affec.tv/map/ttd/3e5930d9-9ed8-4653-aa55-d261af64125b?ttd_puid=&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&random=1665595298458.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&random=1665595298458.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3e5930d9-9ed8-4653-aa55-d261af64125b&ttd_puid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

100ms
24ms

Image
text/plain

52.3.27.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Server: 52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-27-31.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by: beacon-n031-ash-prod.krxd.net
date: Wed, 12 Oct 2022 17:21:39 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1665595299
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Wed, 12 Oct 2022 17:21:39 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H3

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1665595298458.4&r=true
https://idsync.rlcdn.com/405716.gif?partner_uid=2370916972571

42 B
60 B

46ms
45ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=2370916972571
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:39 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:38 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=2370916972571
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&33random=1665595298458.6&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mi1IdmhlMXBPS2V6M1dQNWs4dUxGWF9NTnFOTkJTVmgzdDl1Z3dpZ1cydEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBLKNGI65ujJPGVHFxIrm0A&google_cver=1

70 B
440 B

29ms
28ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBLKNGI65ujJPGVHFxIrm0A&google_cver=1
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBLKNGI65ujJPGVHFxIrm0A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=w%21w1io2s93fs&zpbcat=Financial+Services&zcluid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&ziid=1665595298458.7
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=ce350ea3-1550-4bd9-5b62-...
https://mwzeom.zeotap.com/mw?adnxs_uid=8274292330252133132&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=ce350ea3-1550-4bd9-5b62-fb8a97faeaaa&...

95 B
169 B

109ms
104ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8274292330252133132&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=ce350ea3-1550-4bd9-5b62-fb8a97faeaaa&us_privacy=&zcluid=CoIKR2NG96JTs74uB2g7Ag==&zdid=239&ziid=1665595298458.7&zpb=w!w1io2s93fs&zpbcat=Financial%20Services
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://site.crefaz.com.br
access-control-allow-credentials: true
cf-ray: 7591835d8e50ca5f-YUL
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
AN-X-Request-Uuid: 0570f763-35c6-4bb5-a234-e9e26c458727
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8274292330252133132&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=ce350ea3-1550-4bd9-5b62-fb8a97faeaaa&us_privacy=&zcluid=CoIKR2NG96JTs74uB2g7Ag==&zdid=239&ziid=1665595298458.7&zpb=w!w1io2s93fs&zpbcat=Financial Services
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

mapuid
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&random=1665595298458.9&r=true
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212002981022435&seg_code=33x&random=1665595299

43 B
963 B

55ms
18ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=212002981022435&seg_code=33x&random=1665595299

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

HTTP/1.1

Server

68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
AN-X-Request-Uuid: adf16205-e8da-4290-a53f-c194c3c35c46
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:38 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 402044000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=212002981022435&seg_code=33x&random=1665595299
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

204
NO CONTENT

/
partner.mediawallahscript.com/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&cb=1665595298458.10&gdpr_consent=
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=7bd40d8a-afa7-4fd5-bf8b-b1861337a448&custom=&tag_format=img&tag_action=sync&cb=1665595794&rurl=https://ws.rqtrk.eu/push?dm...

0
232 B

426ms
99ms

Image
text/html

34.247.240.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=7bd40d8a-afa7-4fd5-bf8b-b1861337a448&custom=&tag_format=img&tag_action=sync&cb=1665595794&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 34.247.240.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-240-231.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=7bd40d8a-afa7-4fd5-bf8b-b1861337a448&custom=&tag_format=img&tag_action=sync&cb=1665595794&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 0
expires: Wed, 12 Oct 2022 17:21:38 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&us_privacy=&33random=1665595298458.11&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&bid=1e2n4ou

70 B
440 B

31ms
25ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&bid=1e2n4ou
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=3e5930d9-9ed8-4653-aa55-d261af64125b&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H2 200 push
ws.rqtrk.eu/ 43 B
152 B 14ms
12ms Image
image/gif 15.235.42.104
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&cb=1665595298458.12&gdpr_consent=
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.42.104 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-003.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Wed, 12 Oct 2022 17:21:38 GMT

GET
H2 200 push
ws.rqtrk.eu/ 43 B
152 B 13ms
11ms Image
image/gif 15.235.42.104
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2NG96JTs74uB2g7Ag%3D%3D&cb=1665595298458.13&gdpr_consent=
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.42.104 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-003.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Wed, 12 Oct 2022 17:21:38 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B5C0 766 B
1 KB 20ms
19ms Script
text/javascript 18.164.124.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 11 Oct 2022 06:24:30 GMT
via: 1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 125829
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: KRA4f_sz3dM4Hicmho669tgn0FMJHfSHzwO_WQHf3nlMu_vbgstFhQ==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame B463 29 KB
29 KB 31ms
29ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 742451fdc2781b02e4d414c5cb363fe035e482856c13245e3c96c00872995d74

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:25:15 GMT
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 18:06:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 3385
x-amz-server-side-encryption: AES256
etag: "4a94b9a46316c2b68248813a2bc5fbd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
accept-ranges: bytes
content-length: 29536
x-amz-cf-id: JVgP6-3jc3jmLgCJff5TvzmACC5u0hz0BPWK2gKcjMmJbdnYPYZJcg==

GET
H2

200

5386 Show response
tags.bluekai.com/site/ Frame 1540
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHwAA2NG96AAAAAJHTKaAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1065.23347%26cid%3Dc010%26...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

62 B
356 B

104ms
103ms

Document
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Wed, 12 Oct 2022 17:21:39 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 221
content-type: text/html
date: Wed, 12 Oct 2022 17:21:39 GMT
location: https://tags.bluekai.com/site/5386?id=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame B463 227 B
607 B 64ms
40ms XHR
application/json 107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ca73adfaf208532963e6b2a40e354ded272faab763e2087f652cdeae529714b9

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.10.233
access-control-allow-credentials: true
content-length: 227
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FeDxfSZH8tW68m2ZSEGrvTGq/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818

43 B
1 KB

34ms
34ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818
cache-control: no-cache
x-server: 10.40.33.133
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 793 B
1 KB 27ms
26ms Script
application/javascript 50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: c154633ef0224cdcab68ab42a907a64049442888cbca75573ae614e8b82caa54

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Length: 793
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 6 KB
3 KB 24ms
24ms Script
text/javascript 63.251.114.182
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ewr1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 19 Oct 2022 17:21:39 GMT

GET
H2

200

2981
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/29539?limit=1&id=2HcjvQJhnnWKexmKE56tauoX66ITenwzENzan_dBAxCU
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=am83L0orb1E5OTlzZFdqTQ%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOjsnSnqvXPR4k_y_GHlVJ8&google_cver=1

62 B
356 B

139ms
139ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOjsnSnqvXPR4k_y_GHlVJ8&google_cver=1
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 12 Oct 2022 17:21:39 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOjsnSnqvXPR4k_y_GHlVJ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2SK8-ant5U8HIkuY_BGhKpdWpfP-nFDylCs7q4IgmBwI
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4bd454ba-cdd9-4072-ace3-b44ebbe421b7%252C
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8274292330252133132&pt=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2C

95 B
113 B

42ms
40ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8274292330252133132&pt=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2C

Requested by

Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/png
date: Wed, 12 Oct 2022 17:21:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
AN-X-Request-Uuid: 5f37f747-c44c-46f0-b8fa-5f81ef9163d2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8274292330252133132&pt=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2C
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7320511249085752497&newuser=1&referrer_pid=51md42u

70 B
440 B

27ms
26ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7320511249085752497&newuser=1&referrer_pid=51md42u
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7320511249085752497&newuser=1&referrer_pid=51md42u
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=8274292330252133132&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

27ms
26ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8274292330252133132&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
AN-X-Request-Uuid: a1a0bb5d-4a3c-49ff-a276-b420ca96c1ab
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ps.eyeota.net/match?uid=8274292330252133132&bid=2cr76e1&referrer_pid=51md42u
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25
https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25&_rlid=3020259f-573e-468a-9f7b-...
https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=3020259f-573e-468a-9f7b-4b03cb384703

70 B
440 B

29ms
29ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=3020259f-573e-468a-9f7b-4b03cb384703
Requested by: Host: site.crefaz.com.br
URL: https://site.crefaz.com.br/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:39 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
location: https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=3020259f-573e-468a-9f7b-4b03cb384703
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
cf-ray: 7591835dabd17144-YUL
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 113ms
66ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221010&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e25a3e464e48f9c7fbb3122c66b7840570ac5a5915061e67a530acdc96f4d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11305
x-xss-protection: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 63ms
20ms XHR
application/json 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://site.crefaz.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Oct 2022 13:23:01 GMT
content-encoding: gzip
via: 1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 14319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Oct 2022 19:27:53 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-id: RghsaMgahB8kUCjnvIYSegfqpQ0nyjQFjSAB5Fz4nlJyzDhKXDLeZA==

GET
H/1.1 200
OK beacon Show response
ap.lijit.com/ Frame F140 5 KB
6 KB 26ms
25ms Document
text/html 63.251.114.182
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 41baa0abe257cf1bdec11e7edd90b02f165fcda00b40e9f6675687f11a719407

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 5532
Content-Type: text/html
Date: Wed, 12 Oct 2022 17:21:39 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap7ewr1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=f32z-y955v5kK7H7K3uqrioq4f5kKLL1fS9RGYsV

43 B
2 KB

36ms
25ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=f32z-y955v5kK7H7K3uqrioq4f5kKLL1fS9RGYsV
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=f32z-y955v5kK7H7K3uqrioq4f5kKLL1fS9RGYsV
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK beacon
ap.lijit.com/ Frame F140 3 KB
3 KB 31ms
29ms Image
image/avif 63.251.114.182
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/beacon?gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:39 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/avif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ewr1
Content-Length: 5690
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame F140
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RmVEeGZTWkg4dFc2OG0yWlNFR3J2VEdx&gdpr=0
https://ap.lijit.com/dsp/google/reporting?gdpr=0

43 B
552 B

25ms
24ms

Image
image/gif

63.251.114.182
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ap.lijit.com/dsp/google/reporting?gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=83&3pid=L95WFQUN-E-I48T&gdpr=0

43 B
3 KB

66ms
26ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=83&3pid=L95WFQUN-E-I48T&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=83&3pid=L95WFQUN-E-I48T&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=80&3pid=L95WFQNF-B-GZGF&gdpr=0

43 B
2 KB

61ms
30ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=L95WFQNF-B-GZGF&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=L95WFQNF-B-GZGF&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx
https://x.bidswitch.net/sync?dsp_id=188&user_id=-KtNLnI_S1xAM7aW8EK62ZU4mbg&user_group=1&ssp=fmx&gdpr=0
https://ce.lijit.com/merge?pid=26&3pid=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=0&gdpr_consent=

43 B
2 KB

68ms
28ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=26&3pid=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=0&gdpr_consent=
Date: Wed, 12 Oct 2022 17:21:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da97de4...
https://ce.lijit.com/merge?pid=16&3pid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=

43 B
3 KB

45ms
25ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=16&3pid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=
date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FeDxfSZH8tW68m2ZSEGrvTGq&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=

43 B
2 KB

28ms
27ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Wed, 12 Oct 2022 17:21:39 GMT
Server: MT3 4539 98cc2da master ord-pixel-x51 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://ce.lijit.com/merge?pid=3&3pid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 Oct 2022 17:21:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F140
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmVEeGZTWkg4dFc2OG0yWlNFR3J2VEdx&gdpr=0

170 B
188 B

49ms
38ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmVEeGZTWkg4dFc2OG0yWlNFR3J2VEdx&gdpr=0

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 Oct 2022 17:21:39 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmVEeGZTWkg4dFc2OG0yWlNFR3J2VEdx&gdpr=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1665595299986
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7689957251
https://sync.1rx.io/usersync/tradedesk/3e5930d9-9ed8-4653-aa55-d261af64125b
https://sync.targeting.unrulymedia.com/csync/RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
https://ce.lijit.com/merge?pid=56&3pid=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005

43 B
3 KB

64ms
28ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: Tengine
ETag: RXa8c2ae2fb4e4407a9ba2d1b750d89238005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://ce.lijit.com/merge?pid=56&3pid=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
Content-Type: text/html
Connection: keep-alive

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AADFvU7Gje8AAB2zsYrbcQ&gdpr=0

43 B
2 KB

48ms
26ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AADFvU7Gje8AAB2zsYrbcQ&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AADFvU7Gje8AAB2zsYrbcQ&gdpr=0
Date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

epx.gif
px.owneriq.net/fr/ Frame F140
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7188817001893117966&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/fr/epx.gif

43 B
402 B

74ms
26ms

Image
image/gif

23.192.61.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/fr/epx.gif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.192.61.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-61-21.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: image/gif
Cache-Control: max-age=525285
Connection: keep-alive
Content-Length: 43
Expires: Tue, 18 Oct 2022 19:16:25 GMT

Redirect headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://px.owneriq.net/fr/epx.gif
Content-Type: text/html
Cache-Control: max-age=62393
Connection: keep-alive
Content-Length: 154

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=2810035082281571204

43 B
2 KB

52ms
29ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=2810035082281571204
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=2810035082281571204
Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=2750a7d0-905b-47c2-acf6-c0b4544a7891

43 B
4 KB

45ms
29ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=2750a7d0-905b-47c2-acf6-c0b4544a7891
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: //ce.lijit.com/merge?pid=87&3pid=2750a7d0-905b-47c2-acf6-c0b4544a7891
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=92&3pid=8274292330252133132&gdpr=0&gdpr_consent=

43 B
2 KB

72ms
25ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=92&3pid=8274292330252133132&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
AN-X-Request-Uuid: 7c03be5f-7e13-4337-9531-6a6b8deb8b1e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ce.lijit.com/merge?pid=92&3pid=8274292330252133132&gdpr=0&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=GLMRszG2FzR4&ev=1&pid=558511&gdpr_consent=&gdpr=0

43 B
3 KB

60ms
43ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=GLMRszG2FzR4&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://ce.lijit.com/merge?pid=49&3pid=GLMRszG2FzR4&ev=1&pid=558511&gdpr_consent=&gdpr=0
content-language: en-CA
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7b8b47d95b-tsqhj
expires: -1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=P57OHTP1ok86ZT0DlIAm&pi=sovrn&gdpr=0&gdpr_consent=&tc=1

43 B
4 KB

26ms
25ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=P57OHTP1ok86ZT0DlIAm&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=P57OHTP1ok86ZT0DlIAm&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT, Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FeDxfSZH8tW68m2ZSEGrvTGq/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818&gdpr=0&gdpr_consent=

43 B
3 KB

42ms
29ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=53649b85c5a1c379f223fbf3ac206818&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.33.153
content-length: 0
expires: 0

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame F140
Redirect Chain

https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t

0
0

85ms
45ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VRCZHWD9AE6AARAS2VH9
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=FeDxfSZH8tW68m2ZSEGrvTGq&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:3aa7923fefdd3a12652425a78e4d5e19

43 B
3 KB

105ms
41ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:3aa7923fefdd3a12652425a78e4d5e19
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 17:21:40 GMT
server: Aorta/20220929.37e3bd418
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
location: https://ce.lijit.com/merge?pid=84&3pid=c:3aa7923fefdd3a12652425a78e4d5e19
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: ecd8b1455972
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame F140 45 B
637 B 231ms
47ms Image
image/gif 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=FeDxfSZH8tW68m2ZSEGrvTGq&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 12 Oct 2022 17:21:40 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=27&3pid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=

43 B
3 KB

45ms
44ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=27&3pid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ce.lijit.com/merge?pid=27&3pid=3e5930d9-9ed8-4653-aa55-d261af64125b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 223

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F140
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=12&3pid=8274292330252133132&gdpr=0&gdpr_consent=

43 B
4 KB

62ms
34ms

Image
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=12&3pid=8274292330252133132&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
AN-X-Request-Uuid: acdac5e2-4026-4c73-a504-84d17ebbc795
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ce.lijit.com/merge?pid=12&3pid=8274292330252133132&gdpr=0&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 308 B
1 KB 80ms
54ms XHR
application/json 107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 53ad54d5b99de86b2e45884cc5ce6be7c2e5f35ad1104972bfb49d01aa825b1d

Request headers

Referer: https://site.crefaz.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://site.crefaz.com.br
cache-control: no-cache
x-server: 10.40.39.137
access-control-allow-credentials: true
content-length: 308
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E0D9 15 KB
6 KB 142ms
23ms Document
text/html 23.52.165.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.165.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-165-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20755
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 17:21:39 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 12 Oct 2022 23:07:34 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

merge Show response
ce.lijit.com/ Frame 2A6E
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7320511249085752497&gdpr=0&gdpr_consent=

43 B
2 KB

40ms
39ms

Document
image/gif

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7320511249085752497&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:39 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3ewr1

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
date: Wed, 12 Oct 2022 17:21:38 GMT
location: https://ce.lijit.com/merge?pid=1&3pid=7320511249085752497&gdpr=0&gdpr_consent=
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma: no-cache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3BB9 15 KB
6 KB 141ms
26ms Document
text/html 23.52.165.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.165.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-165-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20755
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 17:21:39 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 12 Oct 2022 23:07:34 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame 4C9C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...

759 B
486 B

61ms
15ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ac43816191cfae689b750c052a1a905bf0ee5db8305e0f224eac3d2a2af592e7

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 467
content-type: text/html
date: Wed, 12 Oct 2022 17:21:39 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 12 Oct 2022 17:21:39 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 160ms
63ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 17:21:40 GMT

POST
H3 200 a
a.dtssrv.com/ 0
471 B 82ms
53ms Ping
text/html 2606:4700:e0::ac40:6a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A0166559529668EDBB65A4077AE425&k=lotpano&v=bcc161ae1a63651d8dc4f7c901de16d539389a0c9900f98a557954898ca6a2eb
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsite.crefaz.com.br%2F&j=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv77nJ%2BmMqTOYfw1DsVKsQf6WiUgll9mZP%2BNFxAiR8tYdbbbAuezsz59YEgfSrmz0BTzdswmthgXMQLSaoGZd8%2FvfXz6Uz%2BscXSDGFjZo4W9BP4av5soy%2BhIpJV7Iht2L3qiZOSYUmAcAV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 75918360eae68c42-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame B110 2 KB
1 KB 29ms
21ms Document
text/html 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 43281
cache-control: max-age: 86400
content-encoding: gzip
content-type: text/html
date: Wed, 12 Oct 2022 05:20:19 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
x-amz-cf-id: A7SZOssHMQ5wewNeLTL6dHxy3LXXbh6tlKuPvuo-E49tY1OiL1sFWw==
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 4C9C 43 B
2 KB 29ms
28ms Image
image/gif 23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=23b159e9-2885-08ee-1d9b-9770eb8a79e9
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4C9C
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4C9C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y0b3pAABUd3hXABU
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0b3pAABUd3hXABU&_test=Y0b3pAABUd3hXABU

43 B
61 B

37ms
24ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0b3pAABUd3hXABU&_test=Y0b3pAABUd3hXABU
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-yul12832-YUL
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665595300.224250,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0b3pAABUd3hXABU&_test=Y0b3pAABUd3hXABU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 db98e16d-529d-a0aa-6bf0-37236c6c8bf2
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4C9C 43 B
602 B 93ms
29ms Image
image/gif 2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/db98e16d-529d-a0aa-6bf0-37236c6c8bf2?gdpr=0

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4C9C
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=4f5f8729-c231-32e3-5a27-21d6933b46bb&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3e5930d9-9ed8-4653-aa55-d261af64125b&ttd_puid=4f5f8729-c231-32e3-5a27-21d6933b46bb&gdpr=0&gdpr_consent=

43 B
62 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=3e5930d9-9ed8-4653-aa55-d261af64125b&ttd_puid=4f5f8729-c231-32e3-5a27-21d6933b46bb&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=3e5930d9-9ed8-4653-aa55-d261af64125b&ttd_puid=4f5f8729-c231-32e3-5a27-21d6933b46bb&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 4C9C 170 B
188 B 44ms
41ms Image
image/png 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMzMDU0ZTMtMGI0Ni02YzQ3LTRmYzctN2I2ZjU5ZDk4OGRi

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4C9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEoJHOa_2twDkSid7El-5zg&google_cver=1

43 B
61 B

16ms
14ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEoJHOa_2twDkSid7El-5zg&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEoJHOa_2twDkSid7El-5zg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E0D9 5 KB
6 KB 76ms
21ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62101170&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4a9c41b2af8917f97b154c8396a1bf8537e46bc60e14caaf689aecc83c05c6c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 17:21:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE5A 13 KB
5 KB 97ms
26ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 9275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 14:47:05 GMT
expires: Thu, 12 Oct 2023 14:47:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A897 783 B
534 B 45ms
44ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7f767853da9a758b87507dc44d12e7e5c031453e02a1c31feda19bc8009c730

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-raa-2i4uXw0AIORzlFNznA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site.crefaz.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-raa-2i4uXw0AIORzlFNznA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: Wed, 12 Oct 2022 17:21:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame F9F2 4 KB
4 KB 27ms
26ms Document
text/html 107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 12ca35c900cba6ab54d67e6b2d68576c15393f89cbc7e34b8ba1b175571c6836

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-length: 4017
content-type: text/html
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.1.171

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F9F2
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC...
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=1b82f197-ac37-455b-a8d0-b5c42b455378&gdpr=0

49 B
264 B

98ms
36ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=1b82f197-ac37-455b-a8d0-b5c42b455378&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.8.39
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=1b82f197-ac37-455b-a8d0-b5c42b455378&gdpr=0
Date: Wed, 12 Oct 2022 17:21:40 GMT
Connection: keep-alive
X-CI-RTID: 9d61a0e0-700d-49ed-be09-e1ab80b6b8ab
Content-Length: 131
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F9F2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=53649b85c5a1c379f223fbf3ac206818
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=53649b85c5a1c379f223fbf3ac206818&dcc=t

43 B
855 B

75ms
50ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=53649b85c5a1c379f223fbf3ac206818&dcc=t

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WVP83DYNWK7YY4JGGMK2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K73ZT024KFVGC90YFY4W
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=53649b85c5a1c379f223fbf3ac206818&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
wt.rqtrk.eu/ Frame F9F2 43 B
130 B 48ms
10ms Image
image/gif 15.235.42.104
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=833247554&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=53649b85c5a1c379f223fbf3ac206818
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.42.104 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-003.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Wed, 12 Oct 2022 17:21:39 GMT

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=3e5930d9-9ed8-4653-aa55-d261af64125b/gdpr=0/ Frame F9F2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=3e5930d9-9ed8-4653-aa55-d261af64125b/gdpr=0/gdpr_consent=

49 B
264 B

46ms
37ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=3e5930d9-9ed8-4653-aa55-d261af64125b/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.34.79
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=3e5930d9-9ed8-4653-aa55-d261af64125b/gdpr=0/gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 249

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame F9F2 43 B
433 B 234ms
127ms Image
image/gif 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=53649b85c5a1c379f223fbf3ac206818
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-126.jfk50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Via: 1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: JFK50-P3
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: RCy013BLlHIc_VNhmXly2Crblw2dGEBas4s_pnfsZwXGkNd_mGLkYw==

GET
H2

200

tpid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame F9F2
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=53649b85c5a1c379f223fbf3ac206818&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=40291979834938687024243178591311341333&pt=4bd454ba-cdd9-4072-ace3-b44ebbe421b7%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2F...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7

49 B
264 B

30ms
30ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.34.89
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4bd454ba-cdd9-4072-ace3-b44ebbe421b7
date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame F9F2 0
470 B 163ms
62ms Image
text/plain 104.16.112.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.112.154 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
to-dmp-sync: s4b-dmp-use1-aws.truoptik.com
cf-cache-status: DYNAMIC
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: no-store
cf-ray: 759183632b65a1f8-YYZ
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame F9F2 0
543 B 219ms
53ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:53649b85c5a1c379f223fbf3ac206818
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F9F2 0
337 B 57ms
24ms Image
text/plain 52.3.27.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=53649b85c5a1c379f223fbf3ac206818
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-27-31.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by: beacon-n019-ash-prod.krxd.net
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1665595300
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET

pixel.gif
aorta.clickagy.com/ Frame F9F2
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=53649b85c5a1c379f223fbf3ac206818
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:3aa7923fefdd3a12652425a78e4d5e19&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1665595300560&ip=149.56.153.184&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D213150604302010044177
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=213150604302010044177
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:3aa7923fefdd3a12652425a78e4d5e19&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=40291979834938687024243178591311341333
https://idsync.rlcdn.com/420246.gif?partner_uid=c:3aa7923fefdd3a12652425a78e4d5e19
https://aorta.clickagy.com/pixel.gif?ch=114&cm=53ddeb39db9561e8b25dc3b8fa95ce40718a00d11075dbbc00f7f2250f7f57fb25abae5358c0e7bc
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:3aa7923fefdd3a12652425a78e4d5e19&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=40291979834938687024243178591311341333
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:3aa7923fefdd3a12652425a78e4d5e19/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7...
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=53649b85c5a1c379f223fbf3ac206818
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:3aa7923fefdd3a12652425a78e4d5e19&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1665595301115&ip=149.56.153.184&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D213150604302010044177
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=213150604302010044177
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYWE3OTIzZmVmZGQzYTEyNjUyNDI1YTc4ZTRkNWUxOQ
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEOAfg4kjEjh1L1G-T4laPio&google_cver=1
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
https://aorta.clickagy.com/pixel.gif?ch=4&cm=50d1b3cc-904b-0ead-2cb2-ba977709488a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D

0
0

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame F9F2
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=53649b85c5a1c379f223fbf3ac206818
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=53649b85c5a1c379f223fbf3ac206818

120 B
991 B

96ms
24ms

Image
image/png

69.169.86.39
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=53649b85c5a1c379f223fbf3ac206818
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Server: 69.169.86.39 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: NY13
Content-Length: 120
Expires: -1

Redirect headers

Date: Wed, 12 Oct 2022 17:21:39 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=53649b85c5a1c379f223fbf3ac206818
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: LAS05
Content-Length: 217

GET
H3 200 utsync.ashx
ml314.com/ Frame F9F2 43 B
63 B 76ms
51ms Image
image/gif 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=53649b85c5a1c379f223fbf3ac206818&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Thu, 13 Oct 2022 13:21:40 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-f8ab4d2e-723f-4b5c-4033-b696f042bad9$ip$149.56.153.184&gdpr=0/ Frame F9F2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-f8ab4d2e-723f-4b5c-4033-b696f042bad9$ip$149.56.153.184&gdpr=0/gdpr_consent=

0
132 B

36ms
28ms

Image
text/html

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-f8ab4d2e-723f-4b5c-4033-b696f042bad9$ip$149.56.153.184&gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: must-revalidate,no-cache,no-store
last-modified: Tue, 11 Oct 2022 15:12:06 GMT
accept-ranges: bytes
content-length: 0
content-type: text/html

Redirect headers

Location: https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-f8ab4d2e-723f-4b5c-4033-b696f042bad9$ip$149.56.153.184&gdpr=0/gdpr_consent=
Date: Wed, 12 Oct 2022 17:21:40 GMT
Connection: keep-alive
Content-Length: 156
Content-Type: text/html; charset=utf-8

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F9F2
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-ijs_YVZE2pzJX7Q42hfvfFhfEhuV4aR3V.s-~A&gdpr=0

49 B
265 B

61ms
35ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-ijs_YVZE2pzJX7Q42hfvfFhfEhuV4aR3V.s-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.180
content-length: 49
expires: 0

Redirect headers

date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0107.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-ijs_YVZE2pzJX7Q42hfvfFhfEhuV4aR3V.s-~A&gdpr=0
content-length: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F9F2
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&src=lot&gdpr=0

49 B
264 B

75ms
52ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&src=lot&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.11.12
content-length: 49
expires: 0

Redirect headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: MT3 4539 98cc2da master ord-pixel-x57 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5e3e6346-f7a3-4400-98de-74a4ca85ba85&src=lot&gdpr=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 Oct 2022 17:21:39 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341/ Frame F9F2
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341/gdpr=0

49 B
264 B

46ms
37ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.86
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame F9F2 0
536 B 183ms
25ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=53649b85c5a1c379f223fbf3ac206818&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8eb2d9eeed9b9c468975d0ba24565e5b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y0b3pAABUd3hXABU/ Frame F9F2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y0b3pAABUd3hXABU/gdpr=0

49 B
265 B

39ms
29ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y0b3pAABUd3hXABU/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.35.184
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-yul12832-YUL
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665595300.265952,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y0b3pAABUd3hXABU/gdpr=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F9F2 170 B
188 B 73ms
51ms Image
image/png 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTM2NDliODVjNWExYzM3OWYyMjNmYmYzYWMyMDY4MTg&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame F9F2 62 B
356 B 135ms
106ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=325e94aa0d8f9f6df0e08daac5b70894
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 12 Oct 2022 17:21:40 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame F9F2 103 B
720 B 129ms
33ms Script
application/json 52.85.61.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-80.ewr53.r.cloudfront.net
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR53-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 103
x-amz-cf-id: x2cEj53IhNbMO3U8LbjGev97Tzm6svsRO2mj_r3Ku7KIqcZ9RLg6Kw==
expires: 0

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7320511249085752497/ Frame F9F2
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/53649b85c5a1c379f223fbf3ac206818/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7320511249085752497/gdpr=0

49 B
264 B

115ms
53ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7320511249085752497/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.14.22
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7320511249085752497/gdpr=0
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=14210161
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8274292330252133132/gdpr=0/ Frame F9F2
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=14210161
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8274292330252133132/gdpr=0/rand=14210161

49 B
264 B

65ms
48ms

Image
image/gif

107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8274292330252133132/gdpr=0/rand=14210161
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C150%2C116%2C115%2C106%2C104%2C92%2C80%2C79%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.43.45
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
AN-X-Request-Uuid: 149b36c5-65a3-4fc5-bb1e-89a53b5bf751
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8274292330252133132/gdpr=0/rand=14210161
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 1502
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA

35 B
467 B

51ms
16ms

Document
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=59D92590-354E-4F4D-8B00-51C9447E4FBA
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B65E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0b3pAABUd3hXABU&gdpr=0&gdpr_consent=

1 B
239 B

151ms
35ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0b3pAABUd3hXABU&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Wed, 12 Oct 2022 17:21:40 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0b3pAABUd3hXABU&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yul12832-YUL
x-timer: S1665595300.267230,VS0,VE0

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame 6227
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

110ms
45ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: PW7M4F2E49XFZRXM2KEM

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 12 Oct 2022 17:21:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 36GRGEMKQ89819JNXX0G

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8C12
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERnZVN0dqZThBQUIyenNZcmJjUQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADFvU7Gje8AAB2zsYrbcQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partn...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADFvU7Gje8AAB2zsYrbcQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4277797524658549007
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFvU7Gje8AAB2zsYrbcQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4277797524658549007%26bee_sync_partners%3Dpm%26bee_sync...
https://match.prod.bidr.io/cookie-sync?userid=4277797524658549007&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADFvU7Gje8AAB2zsYrbcQ&pid=558502&d...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFvU7Gje8AAB2zsYrbcQ

42 B
199 B

22ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFvU7Gje8AAB2zsYrbcQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFvU7Gje8AAB2zsYrbcQ
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 496E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=

42 B
326 B

130ms
34ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:40 GMT
Expires: Wed, 12 Oct 2022 17:21:39 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4539 98cc2da master ord-pixel-x26 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AF0B
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r

42 B
336 B

124ms
25ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 0F82 0
221 B 164ms
23ms Document
image/gif 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Wed, 12 Oct 2022 17:21:39 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: c

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F077
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=55b2bb9c-4a52-11ed-9767-329a2587c191

42 B
243 B

51ms
30ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=55b2bb9c-4a52-11ed-9767-329a2587c191
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:40 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=55b2bb9c-4a52-11ed-9767-329a2587c191
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: lga-delivery-3
server: Cowboy

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 9556 43 B
363 B 97ms
31ms Document
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:21:39 GMT
expires: Wed, 12 Oct 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 319861
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D2BC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-KtNLnI_S1xAM7aW8EK62ZU4mbg

42 B
495 B

89ms
31ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-KtNLnI_S1xAM7aW8EK62ZU4mbg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Oct 2022 17:21:40 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-KtNLnI_S1xAM7aW8EK62ZU4mbg

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6306
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPx7tNZu1OIFqk5&gdpr=0&gdpr_consent=

42 B
422 B

21ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPx7tNZu1OIFqk5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 12 Oct 2022 17:21:40 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPx7tNZu1OIFqk5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 72F1
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=698850414500

42 B
190 B

53ms
24ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=698850414500
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=698850414500

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7BD1
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=LlCdgc-tp

42 B
205 B

47ms
26ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=LlCdgc-tp
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=LlCdgc-tp
vary: Origin
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6D6A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005&rndcb=1718320118
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=82ae6f57-cf67-4347-a1b7-35b22eb6a653&google_hm=ODJhZTZmNTctY2Y2Ny00MzQ3LWExYjctMzViMjJlYjZh...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB7WHvPN2Uy__kvEpgmF1Ss&google_cver=1&ssp=adconductor&bsw_param=82ae6f57-cf67-4347-a1b7-35b22eb6a653
https://sync.1rx.io/usersync/bidswitch/82ae6f57-cf67-4347-a1b7-35b22eb6a653?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005

42 B
253 B

22ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 12 Oct 2022 17:21:40 GMT
ETag: RXa8c2ae2fb4e4407a9ba2d1b750d89238005
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server: Tengine
Transfer-Encoding: chunked

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 6C5F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
418 B

96ms
91ms

Document
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 759183642872ece2-YUL
content-length: 43
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 759183638fb6ece2-YUL
content-type: text/html
date: Wed, 12 Oct 2022 17:21:40 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 2170

GET
H/1.1

200
OK

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame D88A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=3349f5a2-0e0f-4c1d-8ec2-3cd1cb44b6c5&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=59D92590-354E-4F4D-8B00-51C9447E4FBA

42 B
493 B

45ms
24ms

Document
image/gif

54.87.99.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.99.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-99-102.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 42
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Wed, 12 Oct 2022 17:21:40 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=59D92590-354E-4F4D-8B00-51C9447E4FBA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK merge Show response
ce.lijit.com/ Frame E8C3 43 B
3 KB 40ms
27ms Document
image/gif 23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=71&3pid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:40 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3ewr1

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E0D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WdklkDVOT02LAFHJRH5Pug%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

90ms
23ms

Image
text/html

23.52.165.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.52.165.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-165-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=20754
accept-ranges: bytes
content-length: 5549
expires: Wed, 12 Oct 2022 23:07:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame E0D9
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=59D92590-354E-4F4D-8B00-51C9447E4FBA
https://pippio.com/api/sync?pid=5324&it=1&iv=3c8dc4ec53069d264f43eff12a4e38203a7b41b925fac95b1a25b853495ab1a5791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzYzhkYzRlYzUzMDY5ZDI2NGY0M2VmZjEyYTRlMzgyMDNhN2I0MWI5MjVmYWM5NWIxYTI1Yjg1MzQ5NWFiMWE1NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzYzhkYzRlYzUzMDY5ZDI2NGY0M2VmZjEyYTRlMzgyMDNhN2I0MWI5MjVmYWM5NWIxYTI1Yjg1MzQ5NWFiMWE1NzkxNDI2YjU0MTdkY2UyMRAAGgwIpO-bmgYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=de40ec62-3dd9-489e-9aaa-76c6a665829f

42 B
60 B

47ms
46ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=de40ec62-3dd9-489e-9aaa-76c6a665829f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=de40ec62-3dd9-489e-9aaa-76c6a665829f
date: Wed, 12 Oct 2022 17:21:40 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e3e6346-f7a3-4400-98de-74a4ca85ba85

0
48 B

100ms
22ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e3e6346-f7a3-4400-98de-74a4ca85ba85
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 12 Oct 2022 17:21:40 GMT
Server: MT3 4539 98cc2da master ord-pixel-x55 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e3e6346-f7a3-4400-98de-74a4ca85ba85
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 Oct 2022 17:21:39 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTlEOTI1OTAtMzU0RS00RjRELThCMDAtNTFDOTQ0N0U0RkJB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

89ms
22ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFNa8IeY_sqNceGBOeP__3M&google_cver=1

42 B
376 B

86ms
21ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFNa8IeY_sqNceGBOeP__3M&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFNa8IeY_sqNceGBOeP__3M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF

42 B
438 B

54ms
24ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 11 Oct 2022 17:21:40 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=

1 B
254 B

27ms
26ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7320511249085752497&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3e5930d9-9ed8-4653-aa55-d261af64125b

42 B
278 B

64ms
32ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3e5930d9-9ed8-4653-aa55-d261af64125b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3e5930d9-9ed8-4653-aa55-d261af64125b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 313

GET
H2 200 59D92590-354E-4F4D-8B00-51C9447E4FBA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E0D9 43 B
601 B 57ms
32ms Image
image/gif 2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/59D92590-354E-4F4D-8B00-51C9447E4FBA?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=59D92590-354E-4F4D-8B00-51C9447E4FBA&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bPK3rnpE2uWUB37366lOQa2lKd6veRI-~A&gdpr=0&gdpr_consent=

0
260 B

92ms
21ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bPK3rnpE2uWUB37366lOQa2lKd6veRI-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bPK3rnpE2uWUB37366lOQa2lKd6veRI-~A&gdpr=0&gdpr_consent=
date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98161c5f-8fb6-4302-9ae2-c07a3711b4d8&gdpr=0&gdpr_consent=

1 B
236 B

28ms
27ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98161c5f-8fb6-4302-9ae2-c07a3711b4d8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98161c5f-8fb6-4302-9ae2-c07a3711b4d8&gdpr=0&gdpr_consent=
Date: Wed, 12 Oct 2022 17:21:40 GMT
Connection: keep-alive
X-CI-RTID: 3c8e6c3f-ef53-46a0-891b-ed1a33230e33
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8274292330252133132&gdpr=0&gdpr_consent=

42 B
217 B

73ms
28ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8274292330252133132&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
AN-X-Request-Uuid: 316d6f82-10df-41b1-a9b3-9acf78245e78
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8274292330252133132&gdpr=0&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=18689ff23c1c142a&is_secure=true&networkId=17100&version=1&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHLBD86Kd0wQMCMtlLAAAAAAA&expiration=1665681700&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&...

42 B
265 B

22ms
20ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHLBD86Kd0wQMCMtlLAAAAAAA&expiration=1665681700&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHLBD86Kd0wQMCMtlLAAAAAAA&expiration=1665681700&nuid=59D92590-354E-4F4D-8B00-51C9447E4FBA&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E0D9 0
35 B 146ms
41ms Image
text/plain 52.203.100.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.100.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-100-41.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=

42 B
217 B

57ms
27ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:39 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame E0D9
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F7A5F1C6_7905B4F6&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

56ms
55ms

Image
image/gif

4.78.226.233
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Protocol

HTTP/1.1

Server

4.78.226.233 Fort Worth, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-348582100; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:40 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=-348582100; includeSubDomains
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=82ae6f57-cf67-4347-a1b7-35b22eb6a653
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2750a7d0-905b-47c2-acf6-c0b4544a7891&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=&gdpr_consent=&gdpr_pd=

1 B
202 B

21ms
20ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ae6f57-cf67-4347-a1b7-35b22eb6a653&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 12 Oct 2022 17:21:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E0D9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3128883889331652583

42 B
219 B

68ms
27ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3128883889331652583
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3128883889331652583
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A897 0
0 66ms
60ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221010&jk=1541219906748436&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Show response
pagead2.googlesyndication.com/bg/ Frame BE5A 36 KB
16 KB 58ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 14:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 14:47:05 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BE5A 0
10 B 20ms
19ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jIaDBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 9251 0
289 B 23ms
21ms Image
text/plain 23.192.50.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwAA2NG96AAAAAJHTKaAw%253D%253D&tt=t.dhj&dhjLcy=1665595296973&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1065.23347&ell=d&cck=__stid&dmn=site.crefaz.com.br&pn=%2F&qs=na&rdn=site.crefaz.com.br&rpn=%2Fsite.crefaz.com.br&rqs=na&cc=CA&cont=NA&evid=FH1NNPYAHpQZ4s0oHoiu&urls=!1!935!b-13j,!1!856!b-13h,!1!936!b-14s,!1!0!b-14t,!1!937!b-150,!1!914!b-16f&rnd=1665595301272&cid=c010&version=1.1065.23347&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=778

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.50.25 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-50-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Wed, 12 Oct 2022 17:21:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
41ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221010&jk=1541219906748436&bg=!_P-l_7vNAAYqRg79CkY7ACkAdvg8WnrXTBli3SfQ_aI9yxZ3SH0Cgdgu7iaOv-dBSgCqXI78-UNLPQIAAADJUgAAAARoAQcKAJfSkRF8dQrrvZP8VcI4MMzh_XnPr2-Fc-G7eV9l7wH4yRExLMWRbvBTj4Azv15xcYCp3C-OJjrmIfWvG9IxY8yptoMaEkVaiXqvgkbsdXxjqdqEPG2gb3G8TL4qXfNK4ElZBlBEZS2B7AXWIw7yulDEBPaxOqc5hn8bMLie8KNrDmi4RPG80YiqqfoO8MjjoFIFL0ogFc9emQKmEJEZF5TzwKrKK1GBkT-EHoP2zUhHFn6REuWDtLclQsvH-dLQpv1C3C5h_c7nF3fddEHG7vgplukyBwEylPl5AiMl9iL1hrxlQirWO--gVIdRrAREmjw8rt9Se5Q-MgGAMi-lOHxQyOt_ASczYwQhI3K8o9ztVDPSX6y-K2yOps33RBjpdKBxW-CpCLZfhiT9Ocxy92o8Rg9dCzddg-TtNu7jdMjxZVEpwsJMV2nzHMyF5wNheRMNM3Gx2XOJF48mXKMPcTxfUj-2DS30OO9hP3W4GtEYqEZM5mhuIFJjgXKpjYxi81MTCdRv-Aue2BsOSK942ezGzC_MFN1_hQ6ykhr-hupC-00XSTnqysa1QWyaz2G0_PbzjG9TXM_mW39Lo9KqGC3DyfggUJ6T_SdjEsltbYQpJrZWlETPBY0p-Xhycpuc-XYu1vdy7CrJMwjxmH_RmjUEkS6Bf0N6E1LxN1SHS9HSFpTzwaGLwgTUeTpb3pc-1hNR5ZpY0osmcv-mUmndtYbrJD2VeDjvR4UfCRV7UwQ21iFW1jg-3R_WBUBcwg2UWg2ioLrbP4plOpLNXDXC0jcC-Zbr5sI6JTTwlzxUTGcW5bCkbKnaKiqT3viF5Y0SLn_D02V7c_2JQsLc_g9uHd2Wqb_RvOITqOvA7Uq1AfGC7kP7Skeg6fTnzufseqCe-pDDTTadcSbv5rJ8oNw2uLulppmYHdPMZWLYUIVfwBCyCuL8LX2Yv8OvbGKAKdGU-W8HHl35LqA8h0qrpu7gpX6guUvFOGLDSjH8qj4PCU_8e80t7GY7us7kbhRnGitxd0J2gf_m2LCY0HQT5uGioI1PguF5aUBWkbYQYAoojnLKQJnDQJUjdTc0yE0ehsL3m8LWLTer7PH61APSWrU2Rf5e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E0D9 0
128 B 31ms
22ms Script
text/plain 104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:41 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3BB9 3 KB
3 KB 23ms
21ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68897652&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4c618d9def8f2e5c7e46f7e7d55a4a5bb1254759551974f0ba70598837812139

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 17:21:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 /
csync.loopme.me/ Frame 39A4 0
0 148ms
112ms Document
text/plain 2606:4700::6813:ac6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ac6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 759183752c7a4bd1-YUL
date: Wed, 12 Oct 2022 17:21:43 GMT
server: cloudflare

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8BFC
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7188817001893117966

42 B
298 B

24ms
24ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7188817001893117966
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: max-age=62390
Connection: keep-alive
Content-Length: 154
Content-Type: text/html
Date: Wed, 12 Oct 2022 17:21:43 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7188817001893117966
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame CEAF 0
0 94ms
24ms Document
text/plain 5.161.47.120
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

static.120.47.161.5.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Date: Wed, 12 Oct 2022 17:21:43 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 28F7
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=emPgJ_a4CGGZxk3qp_dGYw

42 B
307 B

24ms
23ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=emPgJ_a4CGGZxk3qp_dGYw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:43 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=emPgJ_a4CGGZxk3qp_dGYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame DCAB
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8cf33822-38bd-4642-8c75-b22c4163d57b-tucta407d27&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
149 B

66ms
31ms

Document
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8cf33822-38bd-4642-8c75-b22c4163d57b-tucta407d27&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 0
date: Wed, 12 Oct 2022 17:21:43 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yul12830-YUL
x-timer: S1665595303.301053,VS0,VE20

Redirect headers

accept-ranges: bytes
content-length: 0
date: Wed, 12 Oct 2022 17:21:43 GMT
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8cf33822-38bd-4642-8c75-b22c4163d57b-tucta407d27&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yul12824-YUL
x-timer: S1665595303.242194,VS0,VE10
x-vcl-time-ms: 10

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame BF11 43 B
279 B 527ms
148ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:43 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-f2255fd871df@version_1.528v3
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 878F
Redirect Chain

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1b8ef0cc-622c-4dd9-9b4a-b80a9d45b654

1 B
72 B

22ms
22ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1b8ef0cc-622c-4dd9-9b4a-b80a9d45b654
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Wed, 12 Oct 2022 17:21:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1b8ef0cc-622c-4dd9-9b4a-b80a9d45b654
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B134
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF

1 B
53 B

24ms
24ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 17:21:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 12 Oct 2022 17:21:43 GMT
expires: Tue, 11 Oct 2022 17:21:43 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C00CAD18F904BA79B8E5F327C0866BF
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

epx Show response
um.simpli.fi/ Frame 1815
Redirect Chain

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
https://um.simpli.fi/epx

43 B
228 B

26ms
25ms

Document
image/gif

34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://um.simpli.fi/epx
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.170.150.34.bc.googleusercontent.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
content-type: image/gif
date: Wed, 12 Oct 2022 17:21:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
pragma: no-cache

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 12 Oct 2022 17:21:43 GMT
expires: Tue, 11 Oct 2022 17:21:43 GMT
location: https://um.simpli.fi/epx
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H/1.1 200
OK merge Show response
ce.lijit.com/ Frame 262F 43 B
4 KB 29ms
26ms Document
image/gif 23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=58&3pid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Wed, 12 Oct 2022 17:21:43 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3ewr1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3BB9
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=59D92590-354E-4F4D-8B00-51C9447E4FBA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=3e5930d9-9ed8-4653-aa55-d261af64125b&icm&gdpr=0&gdpr_consent=&cver
https://spl.zeotap.com/?zdid=1332&zcluid=63888515040b29ab
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=f95661ef-2d90-47d0-7e66-fbc9a1bdab0d&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJbDHLMwHkf6srFfUit1THc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=f95661ef-2d90-47d0-7e66-fbc...

95 B
152 B

111ms
110ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJbDHLMwHkf6srFfUit1THc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=f95661ef-2d90-47d0-7e66-fbc9a1bdab0d&zcluid=63888515040b29ab&zdid=1332
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 75918378ccc8ca5f-YUL
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJbDHLMwHkf6srFfUit1THc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7b4ca9a4-a4c5-4d95-48e6-29685e7f6180&reqId=f95661ef-2d90-47d0-7e66-fbc9a1bdab0d&zcluid=63888515040b29ab&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

202

Artemis
aud.pubmatic.com/AdServer/ Frame 3BB9
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D92590-354E-4F4D-8B00-51C9447E4FBA&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D92590-354E-4F4D-8B00-51C9447E4FBA&addseg=12,35,41

0
0

76ms
21ms

Image
application/json

162.248.18.10
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D92590-354E-4F4D-8B00-51C9447E4FBA&addseg=12,35,41
Protocol: H2
Server: 162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

date: Wed, 12 Oct 2022 17:21:43 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D92590-354E-4F4D-8B00-51C9447E4FBA&addseg=12,35,41
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 3BB9
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=59D92590-354E-4F4D-8B00-51C9447E4FBA&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=59D92590-354E-4F4D-8B00-51C9447E4FBA&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

33ms
32ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=59D92590-354E-4F4D-8B00-51C9447E4FBA&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:43 GMT
Frontend-ID: 3
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:43 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /pubmatic/1/info2?sType=sync&sExtCookieId=59D92590-354E-4F4D-8B00-51C9447E4FBA&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 3BB9 43 B
656 B 30ms
28ms Image
image/gif 52.85.61.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=59D92590-354E-4F4D-8B00-51C9447E4FBA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-80.ewr53.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:43 GMT
via: 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR53-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: nN_FK1A0QIIgDFCltDIQZhj7SERRljCO_eYInMolbBzad3WsJzcIZg==
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3BB9
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8274292330252133132

42 B
95 B

24ms
23ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8274292330252133132
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:21:43 GMT
AN-X-Request-Uuid: d898abf2-10ec-4977-90cc-26087162f0a5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8274292330252133132
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3BB9
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99b799e9-2ca6-412d-a054-0ec2c24a90c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

21ms
20ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99b799e9-2ca6-412d-a054-0ec2c24a90c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Oct 2022 17:21:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99b799e9-2ca6-412d-a054-0ec2c24a90c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 12 Oct 2022 17:21:43 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 3BB9 35 B
209 B 105ms
25ms Image
image/gif 3.226.175.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.175.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-175-232.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:43 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 75ms
33ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MZJPDFCDG4&gtm=2oeaa0&_p=59723141&cid=976293219.1665595296&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665595296&sct=1&seg=0&dl=https%3A%2F%2Fsite.crefaz.com.br%2F&dt=Crefaz%20-%20Financiamentos%20e%20Investimentos&en=Visualiza%C3%A7%C3%A3o%20do%20formul%C3%A1rio%20%2336&_ee=1&ep.event_category=Preenchimento%20do%20formul%C3%A1rio%20%22QUER%20CONTRATAR%20UM%20EMPR%C3%89STIMO%3F%22%2C%20%2336&_et=2236
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZJPDFCDG4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://site.crefaz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:21:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site.crefaz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3BB9 0
128 B 25ms
24ms Script
text/plain 104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:21:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aorta.clickagy.com
URL: https://aorta.clickagy.com/pixel.gif?ch=4&cm=50d1b3cc-904b-0ead-2cb2-ba977709488a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D

Verdicts & Comments Add Verdict or Comment

316 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

226 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
.mrtnsvr.com/sync	1970-01-20 15:26:57	Name: userId Value: LlCdgc-tp
i.liadm.com/s	1970-01-20 07:23:07	Name: _li_ss Value: MgkI_____wcQuxM
site.crefaz.com.br/	1970-01-20 06:40:02	Name: ci_session_site_ Value: u1auo8rg2btdf5ofq1tt3se8f9sodngc
.dtscout.com/	1970-01-20 06:40:00	Name: m Value: 1
.dtscout.com/	1970-01-20 06:39:58	Name: st Value: 1
.dtscout.com/	1970-01-20 06:40:09	Name: oa Value: 1
.dtscout.com/	1970-01-20 09:03:55	Name: df Value: 1665595296
.dtscout.com/	1970-01-20 08:48:04	Name: l Value: 51A0166559529668EDBB65A4077AE425
.crefaz.com.br/	1970-01-20 16:15:55	Name: _ga Value: GA1.3.976293219.1665595296
.crefaz.com.br/	1970-01-20 06:41:21	Name: _gid Value: GA1.3.813280549.1665595296
.crefaz.com.br/	1970-01-20 06:39:55	Name: _gat_gtag_UA_176320567_1 Value: 1
.crefaz.com.br/	1970-01-20 08:49:31	Name: _fbp Value: fb.2.1665595296443.1258706247
.crefaz.com.br/	1970-01-20 16:01:31	Name: __gads Value: ID=4c81262b828ca0f3-22f1e80cacd700bc:T=1665595296:RT=1665595296:S=ALNI_Ma3iL5F5UNV0NMN_b0YOOXBZzhVtQ
.crefaz.com.br/	1970-01-20 16:01:31	Name: __gpi Value: UID=0000088315adfc85:T=1665595296:RT=1665595296:S=ALNI_MYDc4kZoKaQyKrWWEIXz71_qj7Ejg
.sharethis.com/	1970-01-20 15:25:31	Name: __stid Value: ZHwAA2NG96AAAAAJHTKaAw==
.sharethis.com/	1970-01-20 15:25:31	Name: __stidv Value: 2
.crefaz.com.br/	1970-01-20 08:45:12	Name: __dtsu Value: 51A0166559529668EDBB65A4077AE425
.dtscdn.com/	1970-01-20 10:57:40	Name: uid Value: 51A0166559529668EDBB65A4077AE425
.onaudience.com/	1970-01-20 15:25:31	Name: cookie Value: 63888515040b29ab
.onaudience.com/	1970-01-20 06:41:21	Name: done_redirects161 Value: 1
.lijit.com/	1970-01-20 15:25:31	Name: ljt_reader Value: FeDxfSZH8tW68m2ZSEGrvTGq
.t.sharethis.com/	1970-01-20 07:00:04	Name: pxcelPage_default_c010_C Value: 1_0_1665595298271
.crefaz.com.br/	1970-01-20 06:39:55	Name: lotame_domain_check Value: crefaz.com.br
.tynt.com/	1970-01-20 15:25:31	Name: uid Value: CoIKR2NG96JTs74uB2g7Ag==
.exelator.com/	1970-01-20 09:32:43	Name: EE Value: "f4161dc54b8ae364269f4a38120c5681"
.ml314.com/	1970-01-20 15:25:31	Name: pi Value: 3630704673834926100
.adsrvr.org/	1970-01-20 15:25:31	Name: TDID Value: 3e5930d9-9ed8-4653-aa55-d261af64125b
.eyeota.net/	1970-01-20 15:25:31	Name: mako_uid Value: 183cd375249-132a0000010a56c9
.eyeota.net/	1970-01-20 06:39:55	Name: SERVERID Value: 22217~DM
.exelator.com/	1970-01-20 09:32:43	Name: ud Value: "eJxrXxzq6XKLQSHNxNDMMCXZ1CTJIjHV2MzEyMwyzSTR2MLQyCDZ1MzCcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6ImfHxUUpaQyLSopPBR98NgcAdrEqQg%253D%253D"
.onaudience.com/	1970-01-20 06:41:21	Name: done_redirects104 Value: 1
.crefaz.com.br/	1970-01-20 16:15:55	Name: _ga_MZJPDFCDG4 Value: GS1.1.1665595296.1.0.1665595298.58.0.0
.tynt.com/	1970-01-20 08:49:31	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%222a1349c163%22%2C%22f%22%3A4%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1665595298458%7D%5D
.liadm.com/	1970-01-20 16:15:55	Name: lidid Value: 4c5501ce-7815-404e-b6d4-cc9a9fe162f8
.simpli.fi/	1970-01-20 15:26:57	Name: suid Value: 1C00CAD18F904BA79B8E5F327C0866BF
.intentiq.com/	1970-01-20 16:15:55	Name: IQver Value: 1.9
.adsymptotic.com/	1970-01-20 08:49:31	Name: U Value: bdb73cb7fa1d2d997631c0cad4683fc3
.tapad.com/	1970-01-20 08:06:19	Name: TapAd_TS Value: 1665595298995
.tapad.com/	1970-01-20 08:06:19	Name: TapAd_DID Value: 4bd454ba-cdd9-4072-ace3-b44ebbe421b7
.go.affec.tv/	1970-01-20 15:25:31	Name: ck Value: 6346f7a3c2d1f500013392fc
.go.affec.tv/	1970-01-20 15:25:31	Name: oo Value: 1
.crwdcntrl.net/	1970-01-20 13:08:42	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 13:08:42	Name: _cc_id Value: 53649b85c5a1c379f223fbf3ac206818
.33across.com/	1970-01-20 15:25:31	Name: 33x_ps Value: u%3D212002981022435%3As1%3D1665595299037%3Ats%3D1665595299037
.bluekai.com/	1970-01-20 10:59:07	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 10:59:07	Name: bkpa Value: KJpEnXTLu5Dl1MzN+nEwEnWN1Mx01eY0+e961e/01EjPv6G+Lz6G0zNHv6g1uX7w+ED61p1N+ExNLgxW91SbefT=
.bluekai.com/	1970-01-20 10:59:07	Name: bku Value: 4tL99vwlHZweALQZ
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_2 Value: 1C00CAD18F904BA79B8E5F327C0866BF
.rqtrk.eu/	1970-01-20 15:25:31	Name: browser_id Value: 7bd40d8a-afa7-4fd5-bf8b-b1861337a448
.doubleclick.net/	1970-01-20 16:15:55	Name: IDE Value: AHWqTUm9a_X6K8H5bZST7k9CqF1ZiTZMB2qDanYIBpPKr77zJMeCINcWdBlm5m5eeUg
.adnxs.com/	1970-01-20 08:49:31	Name: uuid2 Value: 8274292330252133132
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_5014 Value: bdb73cb7fa1d2d997631c0cad4683fc3
.rqtrk.eu/	1970-01-20 06:41:21	Name: rc Value: 6_0:
.onaudience.com/	1970-01-20 06:41:21	Name: done_redirects109 Value: 1
.rkdms.com/	1970-01-20 15:25:52	Name: sessionid Value: h-2623deb45a5f3350d84876bf90306ec0_t-1665595299
.rkdms.com/	1970-01-20 15:25:52	Name: sc Value: 13%3A103265
.zeotap.com/	1970-01-20 15:25:31	Name: zc Value: 7b4ca9a4-a4c5-4d95-48e6-29685e7f6180
.adnxs.com/	1970-01-20 08:49:31	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?im^(Re!]tbP6j2F-XstGt!@Dg4$o+-j
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_5001 Value: 53649b85c5a1c379f223fbf3ac206818
.go.affec.tv/	1970-01-20 15:25:31	Name: pt Value: eyJhbiI6eyJkdCI6MTY2NTU5NTI5OSwiaWQiOiI4Mjc0MjkyMzMwMjUyMTMzMTMyIiwibHMiOjE2NjU1OTUyOTl9LCJ0dCI6eyJkdCI6MTY2NTU5NTI5OSwiaWQiOiJDb0lLUjJORzk2SlRzNzR1QjJnN0FnPT0iLCJscyI6MTY2NTU5NTI5OX0sInRkIjp7ImR0IjoxNjY1NTk1Mjk5LCJpZCI6IjNlNTkzMGQ5LTllZDgtNDY1My1hYTU1LWQyNjFhZjY0MTI1YiIsImxzIjoxNjY1NTk1Mjk5fSwidiI6MH0=\|1665595299\|41acdf9d77cfde2c7b4d94772fc06f909d92f2c9
.bidswitch.net/	1970-01-20 15:25:31	Name: tuuid Value: 82ae6f57-cf67-4347-a1b7-35b22eb6a653
.bidswitch.net/	1970-01-20 15:25:31	Name: c Value: 1665595299
.bidswitch.net/	1970-01-20 15:25:31	Name: tuuid_lu Value: 1665595299
.retargetly.com/	1970-01-20 10:59:07	Name: _rlid Value: 3020259f-573e-468a-9f7b-4b03cb384703
.krxd.net/	1970-01-20 10:59:07	Name: _kuid_ Value: PIkZI48t
.turn.com/	1970-01-20 10:59:07	Name: uid Value: 7320511249085752497
.lijit.com/	1970-01-20 15:25:31	Name: ljtrtbexp Value: eJxdjz0agDAMQu%2FS2SGp%2BSFezc%2B7a9UljI8GCufQcWiEBzSqtjFfDIhh4d7RFdmVVLoQIUWFmL7I%2BHiKyOKqyt7pUdA94Mygd%2BoNI3Zi8k%2F202oU3cffeIe9nLSJNhvlG%2BU59XH0fJXe8LoBGRRbAA%3D%3D
.openx.net/	1970-01-20 15:25:31	Name: i Value: 9cf3b870-6bb6-0d14-00f1-e93ef71c7546\|1665595299
.crwdcntrl.net/	1970-01-20 13:08:43	Name: _cc_cc Value: "ACZ4XmNQMDU2M7FMsjBNNk00TDY2t0wzMjJOS0ozTkw2MjCzMLRgAIJkt%2B%2BLQTQECC9ZsVGb8aMsw39GRoYnLz7qMu%2FRArEhItvrweKb%2FhRiE362eA4LNvHOE0v0sYmfO3qIGZv4941TsJqze99lAWzqPzTcF2BCdibDYRwuWb3%2BKTc2EyafUMcm%2FG4Jdg%2F1Yld%2B%2Be9tFkaIOxg%2BbGpnhbEP7kSIr2%2FcJwATP7IRIQ4Au7eOhQ%3D%3D"
.crwdcntrl.net/	1970-01-20 13:08:43	Name: _cc_aud Value: "ABR4XmNgYGBIdvu%2BGEhBACsDA9cMMHNRK4hk1JoNoWaBqYf1QBIAunwG%2Fg%3D%3D"
.crefaz.com.br/	1970-01-20 13:08:43	Name: _cc_id Value: 53649b85c5a1c379f223fbf3ac206818
.crefaz.com.br/	1970-01-20 06:50:00	Name: panoramaId_expiry Value: 1666200099865
.crefaz.com.br/	1970-01-20 06:50:00	Name: panoramaId Value: bcc161ae1a63651d8dc4f7c901de16d539389a0c9900f98a557954898ca6a2eb
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_1 Value: 7320511249085752497
.quantserve.com/	1970-01-20 16:10:09	Name: mc Value: 6346f7a3-e66b5-ccdf3-f584a
.openx.net/	1970-01-20 07:01:31	Name: pd Value: v2\|1665595299\|vMgahEkWgyiK
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_43 Value: f32z-y955v5kK7H7K3uqrioq4f5kKLL1fS9RGYsV
.sitescout.com/	1970-01-20 15:25:31	Name: ssi Value: a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb#1665595299985
.mathtag.com/	1970-01-20 16:05:50	Name: uuid Value: 5e3e6346-f7a3-4400-98de-74a4ca85ba85
sync.srv.stackadapt.com/	1970-01-20 15:25:31	Name: sa-user-id Value: s%3A0-f8ab4d2e-723f-4b5c-4033-b696f042bad9.sVvhuVXhcmI4pkrkxXx%2BjGyXe9RxhlP4u4d16%2FRNU54
.srv.stackadapt.com/	1970-01-20 15:25:31	Name: sa-user-id-v2 Value: s%3A-KtNLnI_S1xAM7aW8EK62ZU4mbg.LtFH1K1C%2FlVst9M%2FGCAJWDxE%2BoQFvUFZorotirQai70
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_76 Value: 23b159e9-2885-08ee-1d9b-9770eb8a79e9
.owneriq.net/	1970-01-20 16:15:55	Name: si Value: Q7188817001893117966
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwMAKyTM0NjQxMhPgMdeNdwz0MjRMtSiJ9kgAKbtWPJQAAAA
.rfihub.com/	1970-01-20 16:01:31	Name: eud Value: H4sIAAAAAAAA_zvEyGtoZmZqamlqbGBgaGgIANNL1h0QAAAA
.rfihub.com/	1970-01-20 16:01:31	Name: rud Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwMAKyTM0NjQxMhPgMdeNdwz0MjRMtSiJ9kgAKbtWPJQAAAA
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_3 Value: 5e3e6346-f7a3-4400-98de-74a4ca85ba85
.bidr.io/	1970-01-20 16:08:28	Name: bito Value: AADFvU7Gje8AAB2zsYrbcQ
.bidr.io/	1970-01-20 16:08:28	Name: bitoIsSecure Value: ok
.openx.net/	1970-01-20 07:01:31	Name: univ_id Value: 537072971\|3e5930d9-9ed8-4653-aa55-d261af64125b\|1665595300167597
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_80 Value: L95WFQNF-B-GZGF
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_10 Value: 2810035082281571204
.everesttech.net/	1970-01-20 15:25:31	Name: everest_g_v2 Value: g_surferid~Y0b3pAABUd3hXABU
.pubmatic.com/	1970-01-20 08:49:31	Name: KADUSERCOOKIE Value: 59D92590-354E-4F4D-8B00-51C9447E4FBA
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_85 Value: AADFvU7Gje8AAB2zsYrbcQ
.yahoo.com/	1970-01-20 15:25:52	Name: A3 Value: d=AQABBKT3RmMCEMbj33_ttmso8n0w5RzrYAUFEgEBAQFJSGNQYwAAAAAA_eMAAA&S=AQAAAslD1vhsw86J9YzNPGty_Jk
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_26 Value: 82ae6f57-cf67-4347-a1b7-35b22eb6a653
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_92 Value: 8274292330252133132
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_16 Value: a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341
.quantserve.com/	1970-01-20 08:49:31	Name: d Value: EPgBEgGoJ_ijDejbEA
.mfadsrvr.com/	1970-01-20 16:15:55	Name: tuuid Value: 2750a7d0-905b-47c2-acf6-c0b4544a7891
.mfadsrvr.com/	1970-01-20 16:15:55	Name: c Value: 1665595300
.mfadsrvr.com/	1970-01-20 16:15:55	Name: tuuid_lu Value: 1665595300
.rubiconproject.com/	1970-01-20 15:25:31	Name: khaos Value: L95WFQUN-E-I48T
.targeting.unrulymedia.com/	1970-01-20 15:25:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005%22%7D
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_71 Value: 59D92590-354E-4F4D-8B00-51C9447E4FBA
.sitescout.com/	1970-01-20 07:23:07	Name: _ssuma Value: eyI0NSI6MTY2NTU5NTMwMDMzMywiNDgiOjE2NjU1OTUzMDAwOTQsIjM5IjoxNjY1NTk1MzAwMDk0LCI3IjoxNjY1NTk1MzAwMjc1fQ
.agkn.com/	1970-01-20 15:25:31	Name: ab Value: 0001%3A1GF2%2F6aVP7CVhN9hhThbZBqIYB8vUQV2
.adform.net/	1970-01-20 07:24:33	Name: C Value: 1
.contextweb.com/	1970-01-20 15:18:19	Name: V Value: GLMRszG2FzR4
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a91af96e51576ee8
.rlcdn.com/	1970-01-20 15:25:31	Name: rlas3 Value: SpKvRG4WV/dFeVSaWcC4zeC4dMb2SkuRLAxJkHt4Xbk=
.truoptik.com/	1970-01-20 15:25:31	Name: to_master_s Value: 0ce18677ed5a0d5d75f8143361c3cc5e
.truoptik.com/	1970-01-20 15:25:31	Name: to_version_s Value: b2
.adgrx.com/	1970-01-20 16:08:43	Name: ADGRX_UID Value: 55b2bb9c-4a52-11ed-9767-329a2587c191
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_83 Value: L95WFQUN-E-I48T
.adform.net/	1970-01-20 08:06:19	Name: uid Value: 4019548380811842642
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_56 Value: RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
.deepintent.com/	1970-01-20 16:15:55	Name: CDIUSER Value: di_08aeaa9c8da041b2a9c6a
.acuityplatform.com/	1970-01-20 15:25:31	Name: auid Value: 698850414500
.acuityplatform.com/	1970-01-20 15:25:31	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQXMmdVG4mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFzJnVRuI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_148 Value: 19421-uid:1C00CAD18F904BA79B8E5F327C0866BF
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_153 Value: 1923-8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r&KRTB&19420-8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r&KRTB&22979-8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r&KRTB&23403-8RhoqKEcPa3qTmqopR5x_aRPOq3qTWmm80p7Fo9r
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_188 Value: 3189-a97de48a-c7dd-418a-b7f1-3bd0c8b38aeb-6346f7a3-4341
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_57 Value: 22776-8274292330252133132&KRTB&23339-8274292330252133132
.ipredictive.com/	1970-01-20 15:25:31	Name: cu Value: 98161c5f-8fb6-4302-9ae2-c07a3711b4d8\|1665595300411
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_860 Value: 16335--KtNLnI_S1xAM7aW8EK62ZU4mbg&KRTB&23334--KtNLnI_S1xAM7aW8EK62ZU4mbg&KRTB&23417--KtNLnI_S1xAM7aW8EK62ZU4mbg
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_377 Value: 6810-3e5930d9-9ed8-4653-aa55-d261af64125b&KRTB&22918-3e5930d9-9ed8-4653-aa55-d261af64125b&KRTB&23031-3e5930d9-9ed8-4653-aa55-d261af64125b
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_27 Value: 16735-uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&KRTB&16736-uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&KRTB&23019-uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85&KRTB&23208-uid:5e3e6346-f7a3-4400-98de-74a4ca85ba85
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_218 Value: 4056-Y0b3pAABUd3hXABU&KRTB&22978-Y0b3pAABUd3hXABU&KRTB&23194-Y0b3pAABUd3hXABU&KRTB&23209-Y0b3pAABUd3hXABU
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_22 Value: 14911-7320511249085752497&KRTB&23150-7320511249085752497
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_49 Value: GLMRszG2FzR4
.c.cintnetworks.com/	1970-01-20 06:39:58	Name: TiPMix Value: 31.37207305771641
.c.cintnetworks.com/	1970-01-20 06:39:58	Name: x-ms-routing-name Value: self
.analytics.yahoo.com/	1970-01-20 15:25:31	Name: IDSYNC Value: 18z8~27oh
.adgrx.com/	1970-01-20 06:41:21	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_27 Value: 3e5930d9-9ed8-4653-aa55-d261af64125b
.mfadsrvr.com/	1970-01-20 16:15:55	Name: ssh Value: !bidswitch,1665595300
.creativecdn.com/	1970-01-20 15:25:31	Name: u Value: P57OHTP1ok86ZT0DlIAm
.creativecdn.com/	1970-01-20 15:25:31	Name: ts Value: 1665595300
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_80 Value: 22987-CAESEFNa8IeY_sqNceGBOeP__3M&KRTB&16514-CAESEFNa8IeY_sqNceGBOeP__3M&KRTB&23025-CAESEFNa8IeY_sqNceGBOeP__3M&KRTB&23386-CAESEFNa8IeY_sqNceGBOeP__3M
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_469 Value: 8273-698850414500
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_1278 Value: 23329-3349f5a2-0e0f-4c1d-8ec2-3cd1cb44b6c5
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_1305 Value: 23408-LlCdgc-tp&KRTB&23413-LlCdgc-tp
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_391 Value: 22924-3128883889331652583&KRTB&23263-3128883889331652583
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_279 Value: 22890-98161c5f-8fb6-4302-9ae2-c07a3711b4d8&KRTB&23011-98161c5f-8fb6-4302-9ae2-c07a3711b4d8&KRTB&23355-98161c5f-8fb6-4302-9ae2-c07a3711b4d8
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_1003 Value: 22761-55b2bb9c-4a52-11ed-9767-329a2587c191&KRTB&23275-55b2bb9c-4a52-11ed-9767-329a2587c191
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_12 Value: 8274292330252133132
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_84 Value: c:3aa7923fefdd3a12652425a78e4d5e19
.amazon-adsystem.com/	1970-01-20 16:15:55	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:57:12	Name: ad-id Value: A6Z0q--Vy05OtyW-sCy0o0U
.media.net/	1970-01-20 15:25:31	Name: visitor-id Value: 3085969001455297000V10
.media.net/	1970-01-20 15:24:04	Name: data-sov Value: FeDxfSZH8tW68m2ZSEGrvTGq~~3
.mxptint.net/	1970-01-20 16:15:55	Name: mxpim Value: R1B341_F7A5F1C6_7905B4F6.1.00000000000000006346F7A4
.rubiconproject.com/	1970-01-20 15:25:31	Name: audit Value: 1\|VtiIWsVwmI+Fx67roq1iAKRApgFmmMuxEVZSu3OjAe7WaDs14xzbSKNEgAMYbfM8uoaPtglTz6lCqQ3+tQhlLHMDvubSxZCG6XkpxWjLVqA2lbIZpOyshevdGJvCae5zoxw3IrM1QdF01qAbJMnMkb36B19O7vOZ3sp+uxZOeRk6MWqnocaYWw==
beacon.lynx.cognitivlabs.com/	1970-01-20 15:25:31	Name: UID Value: ef6f2520-bcb2-4604-a912-26d9e456f32e
beacon.lynx.cognitivlabs.com/	1970-01-20 15:25:31	Name: ss Value: 3atHhbLso%2Bv08vbCaY1CBOR8%2BNsL%2B1SPvTcJ2V2WjUWcjTRF1VEAcq2AtX8p9lkkNZJdCd3LrIxyvHIGXeti5Q%3D%3D
.demdex.net/	1970-01-20 10:59:07	Name: demdex Value: 40291979834938687024243178591311341333
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_87 Value: 2750a7d0-905b-47c2-acf6-c0b4544a7891
.technoratimedia.com/	1970-01-20 16:15:55	Name: tads_uid Value: 241BC76869A7498C981E7F4D91F74BA3
.technoratimedia.com/	1970-01-20 16:15:55	Name: tads_uid_cd Value: 20221012132140-0400
.technoratimedia.com/	1970-01-20 16:15:55	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-20 16:15:55	Name: tads_uidp_73 Value: AADFvU7Gje8AAB2zsYrbcQ
.pippio.com/	1970-01-20 15:25:31	Name: did Value: ZjKWGR_EbqUXfm9a
.pippio.com/	1970-01-20 15:25:31	Name: didts Value: 1665595300
.pippio.com/	1970-01-20 08:06:19	Name: nnls Value:
.tribalfusion.com/	1970-01-20 08:49:31	Name: ANON_ID Value: aPnseFwZcF1eoXarpfrgQoSJMZakZaiZakhZd7iAGtmGVkZcYon4262q4EDN6njOlFNTdf9dA37nR0ZcsNEBp8L3UMd
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_52 Value: 22772-R1B341_F7A5F1C6_7905B4F6&KRTB&23092-R1B341_F7A5F1C6_7905B4F6
.1rx.io/	1970-01-20 15:25:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005%22%2C%22nxtrdr%22%3Afalse%7D
.dotomi.com/	1970-01-20 06:39:55	Name: DotomiTest Value: 18689ff23c1c142a
.dpm.demdex.net/	1970-01-20 10:59:07	Name: dpm Value: 40291979834938687024243178591311341333
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_466 Value: 16530-82ae6f57-cf67-4347-a1b7-35b22eb6a653&KRTB&23280-82ae6f57-cf67-4347-a1b7-35b22eb6a653
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2ohnzbxqc4rpb40dur3kemw2
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_594 Value: 17105-RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005&KRTB&17107-RX-a8c2ae2f-b4e4-407a-9ba2-d1b750d89238-005
.tapad.com/	1970-01-20 08:06:19	Name: TapAd_3WAY_SYNCS Value: 1!6857-2!6857-3!6857
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_86 Value: P57OHTP1ok86ZT0DlIAm
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_32 Value: 11175-AAAHLBD86Kd0wQMCMtlLAAAAAAA&KRTB&22713-AAAHLBD86Kd0wQMCMtlLAAAAAAA&KRTB&22715-AAAHLBD86Kd0wQMCMtlLAAAAAAA
.w55c.net/	1970-01-20 16:10:09	Name: wfivefivec Value: FPx7tNZu1OIFqk5
.pippio.com/	1970-01-20 08:06:19	Name: pxrc Value: CKTvm5oGEgQIAhAAEgYI7OsBEAA=
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: j1552devs0atbms20e1ez03e
.ib.mookie1.com/	1970-01-20 15:25:31	Name: ibkukiuno Value: s=3c8bb8c5-3f9b-42ef-a832-8548494eae23&h=&v=7619132178&l=-8585360115847433902&op=&hl=0&vlu=3&tcs=1&dcc=-8585360115847433902
.ib.mookie1.com/	1970-01-20 15:25:31	Name: ibkukinet Value: 2503514552=-8585360115847433902
.smartadserver.com/	1970-01-20 16:10:09	Name: pid Value: 4277797524658549007
.smartadserver.com/	1970-01-20 16:10:09	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:25:31	Name: csync Value: 127:AADFvU7Gje8AAB2zsYrbcQ
.w55c.net/	1970-01-20 07:23:07	Name: matchpubmatic Value: 5
.contextweb.com/	1970-01-20 15:25:31	Name: pb_rtb_ev Value: 3-1gmc\|7dN.0.AADFvU7Gje8AAB2zsYrbcQ\|7dW.0.1
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_107 Value: 1471-uid:FPx7tNZu1OIFqk5
.linksynergy.com/	1970-01-20 15:25:31	Name: rmuid Value: de40ec62-3dd9-489e-9aaa-76c6a665829f
.linksynergy.com/	1970-01-20 15:25:31	Name: icts Value: 2022-10-12T17:21:40Z
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_699 Value: 22727-AADFvU7Gje8AAB2zsYrbcQ
.rlcdn.com/	1970-01-20 08:06:19	Name: pxrc Value: CKLvm5oGEgUI6AcQABIFCOhHEAISBQjbThAAEgYI/+oBEAI=
.agkn.com/	1970-01-20 15:25:31	Name: u Value: C\|0AAAAAAAAKtm0JQAAAAAB
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 27
.pubmatic.com/	1970-01-20 07:23:07	Name: SPugT Value: 1665595301
.ads.pubmatic.com/	1970-01-20 06:41:21	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 08:49:31	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 06:41:21	Name: pi Value: 137711:4
.pubmatic.com/	1970-01-20 08:49:31	Name: DPSync3 Value: 1666742400%3A228_201_197_219_221_226%7C1666137600%3A164%7C1665619200%3A174
.pubmatic.com/	1970-01-20 08:49:31	Name: SyncRTB3 Value: 1666742400%3A13_233_222_231_249_3_165_7_240_96_71_48_54_239_250_8_56_166_21_104_243_238_57_81_176_22_234_204_220_55_178_99_5_189%7C1666137600%3A2_15_223_38%7C1666396800%3A63%7C1666828800%3A35%7C1668124800%3A224%7C1670716800%3A69
.owneriq.net/	1970-01-20 06:54:19	Name: p2 Value: pmc
.owneriq.net/	1970-01-20 06:54:19	Name: pmc Value: 1
.lijit.com/	1970-01-20 15:25:31	Name: ljtrtb Value: eJx1UstuVDEM%2FZdZYynxI066m9edVh1KGVqg3eV1JSioaisqMYh%2FxxkkdiyubhIfn%2BNj%2B9fC4%2BJsEVEZExI5FPREnnDxZiHBQofPkGPF3HGGwp2BnWZIJSM0X1Rci5YYwTkZKc55SxIKnEqUKtlX0jQj0lxmyhVdiD4aEsNJN%2Fcwi0KdgwITK2QjBZKC2EvIQciwfmBz0tY5ZqjaGrC3U9HZA5XmaiwUcy8QiMOsmQaXt0xOlrnbvz28HHc4HQ88lNXeqEsi1xKk3iKw6UDOItAw%2BDwH9ijl5MezoUsrStXksm%2FYUtJAvrqaG4dIcz3VaDAldOI9cnJRVOyvQ88ifu3cernxcUqOV0tNq7iViVDXLoawmgxGo2%2Bd%2BrAAfz2wc5Bi66CcueYoxT6DRmfYfZJP0%2FurCVawu98NhvT%2FUeppKmmTUJKz9vIWeOINxJVJiF8nZt3ytFoOdvrHfnsFW7jgeDOeRyPqGeWsRj%2F3uTXKHoPZRMkaOzfpPg2kGHK53Eyvt7r72uNyucLjy91zqe9HdAzzWvTd%2Bc21f3yI4f7Gbb5dLL%2BPJg5jGL1zJC6inUQ9ujE1HlXNhEf4mURe5eFSz%2FWSfjw9f3l84tnu%2B72fP6TD7u7l43A8ZJCKl9QTYIwCLvYOvqUCSdX1Es1JPxU8NgJtl7M267iTAqwVIdtaQnWFhdkcJr%2F4%2FQdjocRa
.lijit.com/	1970-01-20 15:25:31	Name: _ljtrtb_58 Value: 59D92590-354E-4F4D-8B00-51C9447E4FBA
.pubmatic.com/	1970-01-20 08:49:31	Name: KRTBCOOKIE_286 Value: 5193-Q7188817001893117966&KRTB&22521-Q7188817001893117966
.pubmatic.com/	1970-01-20 07:23:07	Name: PugT Value: 1665595303
.taboola.com/	1970-01-20 15:25:31	Name: t_gid Value: 8cf33822-38bd-4642-8c75-b22c4163d57b-tucta407d27
ads.playground.xyz/	1970-01-20 06:47:45	Name: connect.sid Value: s%3A87BWegeUpmM_Wyf6ss9WeDGSlDbiimMY.fT9PH4FzMStqzn4%2FQvlZksIv5qC0ncvELofvF5KuJOg
.fiftyt.com/	1970-01-20 15:25:31	Name: fifid Value: e188c5d1-1ef8-4146-6502-d0710f626f2a
.fiftyt.com/	1970-01-20 15:25:31	Name: cs Value: MTY2NTU5NTMwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fL9NBMdCs2H5mYQo9aVkdl32ayw_lhGsPLQIkZxXomD5
.bnmla.com/	1970-01-20 06:39:55	Name: rx_sspurl_10738 Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D4f9b8b2f-80e3-4269-ace2-f0818f1eafa2
.bnmla.com/	1970-01-20 07:01:31	Name: rx_uuid Value: 4f9b8b2f-80e3-4269-ace2-f0818f1eafa2
.bnmla.com/	1970-01-20 07:01:31	Name: rx_maxage_10738 Value: 1666891303
.bnmla.com/	1970-01-20 06:39:55	Name: rx_sspid_10738 Value: 6_170
.semasio.net/	1970-01-20 15:25:31	Name: SEUNCY Value: 3BD030A90F6404A4
.fiftyt.com/	1970-01-20 06:50:00	Name: fppm Value: 20221012172143
.inmobi.com/	1970-01-20 08:49:31	Name: idsp_c Value: 1b8ef0cc-622c-4dd9-9b4a-b80a9d45b654
.onaudience.com/	1970-01-20 06:41:21	Name: done_redirects147 Value: 1
.adsby.bidtheatre.com/	1970-01-20 06:50:00	Name: __kuid Value: 99b799e9-2ca6-412d-a054-0ec2c24a90c2.434809303
.adsrvr.org/	1970-01-20 15:25:31	Name: TDCPM Value: CAESFAoFdGFwYWQSCwi-loaZiKCWOxAFEhYKB2JsdWVrYWkSCwjU-e-ciKCWOxAFGAEgASgCMgsI4q3p7p6gljsQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/	1970-01-20 06:41:21	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 06:41:21	Name: zsc Value: ET3%01%85%E7n%C8%D7%D1p0%AF%8E%28U%C6%E0%B3%07I%A7W%D3K%01m%B9%2CL%C2o6%F9db%9A%B5%C3%AD%AD%02%04%DA%E1%B3%EA%ED%AB_PA%3B%AENmv%014%3B%E1E%2F%29%B7%84%DD%09%86%C2%1C%DD%26%21%DF%B3%EE%11%8A%3E%D7%DA%3D
.c.appier.net/	1970-01-20 15:25:31	Name: _auid Value: emPgJ_a4CGGZxk3qp_dGYw
.pubmatic.com/	1970-01-20 07:23:07	Name: KRTBCOOKIE_904 Value: 16787-emPgJ_a4CGGZxk3qp_dGYw&KRTB&23130-emPgJ_a4CGGZxk3qp_dGYw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593761836866080&output=html&adk=1812271804&adf=3025194257&lmt=1665595296&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsite.crefaz.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665595296025&bpp=6&bdt=714&idt=309&shv=r20221010&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6515394352200&frm=20&pv=2&ga_vid=976293219.1665595296&ga_sid=1665595296&ga_hid=59723141&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531706%2C31069178%2C31070291%2C44773746%2C31067826&oid=2&pvsid=1541219906748436&tmod=1682398817&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=379 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-f8ab4d2e-723f-4b5c-4033-b696f042bad9$ip$149.56.153.184&gdpr=0/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aorta.clickagy.com/pixel.gif?ch=4&cm=50d1b3cc-904b-0ead-2cb2-ba977709488a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.ca
adservice.google.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
api.retargetly.com
aud.pubmatic.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.cintnetworks.com
c1.adform.net
cdn-tc.33across.com
cdn.bitrix24.com.br
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
connect.facebook.net
contextual.media.net
core.iprom.net
creativecdn.com
crefaz.bitrix24.com.br
csync.loopme.me
d.turn.com
data-beacons.s-onetag.com
data.adsrvr.org
de.tynt.com
dis.criteo.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
get.s-onetag.com
global.ib-ibi.com
gocm.c.appier.net
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
loada.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mid.rkdms.com
ml314.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.mediawallahscript.com
pd.sharethis.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.tribalfusion.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
site.crefaz.com.br
spl.zeotap.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
visitor.fiftyt.com
waust.at
whos.amung.us
ws.rqtrk.eu
wt.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
aorta.clickagy.com
104.16.112.154
104.18.19.39
104.18.35.34
104.18.99.194
104.36.115.109
104.36.115.113
104.36.115.114
104.45.178.220
104.97.114.133
107.178.246.49
107.178.254.65
107.20.181.84
108.138.106.126
108.138.128.28
108.139.29.24
108.139.29.7
139.162.78.222
141.94.171.215
142.250.80.2
15.235.42.104
151.101.130.49
151.101.193.44
162.248.18.10
169.197.150.7
173.223.57.84
173.231.178.83
178.62.202.251
18.157.92.103
18.164.124.103
18.214.164.27
185.167.164.37
185.184.8.90
193.122.128.135
195.5.165.20
198.148.27.139
199.127.204.171
199.187.193.193
199.38.167.130
200.95.188.69
2001:4de0:ac18::1:a:1a
207.198.113.86
213.19.162.90
216.200.232.253
23.192.50.25
23.192.61.21
23.195.100.26
23.52.165.180
23.92.190.69
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1
2600:1f18:ed:550a:18eb:75ae:dc51:d648
2606:4700:10::6816:4bab
2606:4700:10::ac43:8f4
2606:4700:10::ac43:db6
2606:4700:20::681a:507
2606:4700:4400::ac40:98f5
2606:4700::6811:190e
2606:4700::6813:ac6c
2606:4700:e0::ac40:6a19
2606:ae80:1451:19::1400
2607:f8b0:4004:c09::9c
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:823::2001
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:4cb8:1820:80ca:50f7
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::300
3.134.32.50
3.136.124.95
3.211.100.251
3.212.123.192
3.217.159.252
3.218.193.24
3.226.175.232
3.81.223.235
3.82.239.128
34.102.163.6
34.102.253.54
34.111.234.236
34.150.170.96
34.232.121.75
34.247.240.231
34.98.64.218
34.98.67.3
35.190.60.146
35.201.96.126
35.207.24.140
35.211.178.172
4.78.226.233
40.71.11.141
45.55.120.93
5.161.47.120
50.16.174.192
50.57.31.206
51.89.24.70
52.0.156.250
52.203.100.41
52.223.40.198
52.3.27.31
52.46.130.91
52.85.61.80
54.175.87.114
54.227.239.48
54.232.190.40
54.87.99.102
63.251.114.182
64.58.232.176
67.202.105.24
67.202.105.32
67.202.105.34
68.67.160.76
68.67.179.164
69.169.86.39
69.173.151.100
69.90.254.78
74.119.119.150
74.222.140.158
76.13.32.147
8.43.72.98
99.84.119.117
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0517819f0901d9fc23641bc20f4e2803281384dbc630010cc51461d5accbcc07
055e578a53d9f5a28f795669cc5debafbd18b9299bf76c763f4effa12c3a0c16
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce29307e2c6f727da0958e18f69890fae42e551944d552f1940bd5fa89233b8
12ca35c900cba6ab54d67e6b2d68576c15393f89cbc7e34b8ba1b175571c6836
144033a122bb4e6718fdfe3bdf0681bae01eecb10adee97b60f82b07782fbb37
144250ab3d941df7a0674f8bec925b98c52cab8cbed693ae8a42b09d98b34a05
161ecd6fd57fcb3b90b9d6dd278f9ee0ec8b54e826ff303a897003e9b735ffd5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
1c5f791c0e52380d5a9eb3373f416ebdc3d612a341e04474527325b73acb5f59
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
1fdfeb12aa655587de00e291c7d150cddae83f70b70bcaf4b09f1934ee1ce101
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
3441a7abe717dfbaabf6d203bf0008304c79cbf4cd522a759f079e8bbcbf4409
3514e5a930e7bfe3750cf284c81c92a3e9ae8c6734d203576f791baec8adaef5
35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b
3618f6d58cb26b817eac329bed1320ff09d669ebfcbc0152e052d7596de1255e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
3a08c09f7004688e621be6b48769b2a4d3eb84256805d88ebda95ac33e6f1068
3b3a15a8665a14baf283938a12b3286e43bd7e83d73d0ce3b5ab8a65d0baa2da
3b431f3de5278d3a68afb8199755ffa976125e150b5d873dc1e69a6d8e4c1af7
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
3e86250780a5aa52bcbceec8988230c96440f6f61d0681a0cdd72446bcc0d96e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41baa0abe257cf1bdec11e7edd90b02f165fcda00b40e9f6675687f11a719407
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
47b69299fcdc714a44c75167a15c62f244f2cc7983a63ba14e280fcf42a8900e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a9c41b2af8917f97b154c8396a1bf8537e46bc60e14caaf689aecc83c05c6c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bee93474553372fbffcb8f0540484dc3128ce35916149a262662d4b6695562c
4c618d9def8f2e5c7e46f7e7d55a4a5bb1254759551974f0ba70598837812139
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
505fff817f37d43899275853aa6d6f4f3644b6abe2c420ad9cd6caab1ef147cb
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53ad54d5b99de86b2e45884cc5ce6be7c2e5f35ad1104972bfb49d01aa825b1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5e25a3e464e48f9c7fbb3122c66b7840570ac5a5915061e67a530acdc96f4d2b
608a5bab291239d703eb2d84f60e40565aef3ee7219b48ab0f668a0821e5a62a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e9d700a9082a651ffa0c9a5e8dc43b7877049d2b66573be2195497ac1fa477
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6481774286cd0e449c74982b84b762ab357ffac99839b8ce915453216eaeb73f
664867dd66ad3ab253d04b78295013a661256585d911b6ce0027cd0e9e0bdb85
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cde34c52a4f984caf80c2bbc4083e7bf94a795421870030570f3665c296a6eb
6f60a9fccc28f3949fb5c1c4ecad4fe0cfe3971840c8300d29e9cfa20b0964cf
6f7ee71569e4a1e4bc39d3516786f0f662a89bc3732260405f608fcb44cce011
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7077a374fc09bd4d82f0c7c6ec9df535ec55adb2620b6033b4ae5e0da218cee7
72f622f837cd8245cb52142b229894d797a781ee2797672806fc486b6b66e4d5
742451fdc2781b02e4d414c5cb363fe035e482856c13245e3c96c00872995d74
78009d649db9f062dc6e568dd4f35e634440b36534d063f788f465af1f3397d9
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
80249a2f6817dc753bbe9f7608345175b8258c28732d424dc39e32c8b481ee9c
80a314118acf197b6c359ed5dfed4ebe0727d7b9ff3b2a8c3559fe6e3ddfb702
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
869f11c63d760ad4d6e2c701c3e091e869753489ac8c81e629ee8b3b87d013c5
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89491f6c4eb5fc95c1deb950756db1956fa3b815bf914ae841ab08937d063b48
8ae72c845b5c6499279e87cd189cba9263e397b753a6bb5fe21b7b058f7bcaff
8bec5771ad67efd82ca2d22b0543ffe210aa2533cc2c792f015d53729372cc28
90a819d1bcd53371315ffe59df7224a76e07f597c721fbf84876c07965c82a9b
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775
96005966e305fb5a2e97fcdc373d73c8259c12374a6fc4e0cda3095fa8a742df
9851f295477d310f11cfcadd7d95aa3e6b4f31139d38fa5a7327bb1a04e3fd69
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9968833c18eb01f63a79d31005d04b5135929c900cceafe2ddc3a768ce4e53e0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3ea25af9b6e70d61287ebbd186c5f43ddc41206fdfc25bfca2a96771673265
9d885c0f8004af3a49f5dabd6ec055095b6bfff710d5dabc88d21b8816f13384
a1d2dba5edbc20671a6779e8565388793fe281768e04dc36d59a907127b4cba4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d0f05d3285489d0eb6c6e381f3f9acf3092b5af1eb828a3119216a9b16189e
ab3b48a51fa0095c9e114541d037ed9b9fafe81273146dc654d7038281e5ce79
ab94a17042d33ca880f6ab7c69c351c3a61fc7cdd7a69a8119a18b9e5d630696
ac43816191cfae689b750c052a1a905bf0ee5db8305e0f224eac3d2a2af592e7
ac4825575e4b725108ed6e82ef04ea3a60ff7ee97280f4a09e61192810d832df
ad11145991e8936d18d8908d4666b783b5a03446148a0b594c14c6d4f33345bc
ade7199cfea494eec26ab3a8a57a55165c853af99da82ac1b864e63a7ee0a473
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a06c28ba3e48956f7f427cd4cafc7e34e6c2b97f918dc5ed1b1f4878c91ed2
b4f35e74abd99327074cd14cd3d8b762077b214d1149d8f08128117593ba1e81
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b88b79c11133b62028e896587f9beaab3a317d2f47a16025d89c267456668961
bc20c3741d80467d0868bf4ab3a6bd38e08f833945d45872b4a0357226a0fbc7
c0f91855a9bf8845ff8bb9d54ca750789fcb5ecf954cfd76ef0296b74f5d4d11
c11ac6e82a7872d2d8fc94ccc52b128a64d4ce03911b0382fd4f7053aba4b834
c154633ef0224cdcab68ab42a907a64049442888cbca75573ae614e8b82caa54
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2554a95aa2ea2a3cb5e458b06a85efbe323e340cfaf5b09f7786594a80cef10
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c7f767853da9a758b87507dc44d12e7e5c031453e02a1c31feda19bc8009c730
ca73adfaf208532963e6b2a40e354ded272faab763e2087f652cdeae529714b9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc0f5dc4176226e318f7096353fbd790d9046c3c78c6de1aa2890079c88d97f
d013a6de9e987ab26608691e58c0e9a9f879aef05bc72b9fb92b03e28e05004e
db239e8fa9839ac396a7d0c95eade99a91c935fe96ef1d079808c49e23b449ed
dbe72f09a91d311ca2a7a553b9758a1339ad65a31ca84bd303a42dcda826d47d
dc6eccd8948d95d96d58b20b3bc73b6ae6eb3f5b72291bc89d7e832d5756bc91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dec6ed059e17c28d42fb8a1ed8331a8bf33ef2e4f5da5e685bcd9499570fa558
e103e0b2ee95473cac5b4665d9994e04f17ea14e9492d40e31d190b9c4c7ed4c
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
eee6ef188662ab76c29c720cab899af19bad8153a9c86d548d90b3fa46886fc9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efca06dea03245a162c8c18772260ce4a497562aa3dd18c0013b99ae865cde8b
efee2450affa4241e2011810ad188ff037a977fe212e8698980a914ecd0d0e81
f359c23ee53e4d5e0d2a6714f18c26aa6001375eb5022db491c8025e6cf331d3
f4828ec758c63effea6e9715577aa6f42a28978d622c5da8ecb7fdd464a95714
f69f152ea4d7cc6732614a2d022898ff0226b38a1e42396eb86c946d59c46457
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975
fca354380eb0e64845aeafe51483741f9613dc02e12c9d320f8d767ef4a66708

site.crefaz.com.br Open in urlscan Pro 200.95.188.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

299 Requests

72 %HTTPS

23 %IPv6

104 Domains

143 Subdomains

84 IPs

12 Countries

9437 kBTransfer

14416 kBSize

226 Cookies

13 Outgoing links

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

site.crefaz.com.br Open in urlscan Pro
200.95.188.69 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

72 %
HTTPS

23 %
IPv6

104
Domains

143
Subdomains

84
IPs

12
Countries

9437 kB
Transfer

14416 kB
Size

226
Cookies

299 HTTP transactions
1 data transactions