urlscan.io logo urlscan.io
SecurityTrails logo

iraidesousa.com.br Open in urlscan Pro
192.185.177.61  Public Scan

Go To Rescan Add Verdict Report
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Submission: On August 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 3 countries across 35 domains to perform 159 HTTP transactions. The main IP is 192.185.177.61, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is iraidesousa.com.br.
TLS certificate: Issued by R3 on July 19th 2023. Valid for: 3 months.
This is the only time iraidesousa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 192.185.177.61 19871 (NETWORK-S...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
13 2607:f8b0:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 10 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 142.251.40.226 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001... 19750 (AS-CRITEO)
3 2607:f8b0:400... 15169 (GOOGLE)
6 23.52.163.93 16625 (AKAMAI-AS)
7 23.77.172.28 16625 (AKAMAI-AS)
2 4 2620:112:f002... 6336 (TURN-US-ASN)
3 20 142.250.80.2 15169 (GOOGLE)
4 4 2606:ae80:147... 25751 (VALUECLICK)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 1 31.220.27.135 39572 (ADVANCEDH...)
2 2 52.71.238.40 14618 (AMAZON-AES)
1 1 52.71.215.87 14618 (AMAZON-AES)
1 2620:116:800b... 14618 (AMAZON-AES)
1 1 18.211.192.157 14618 (AMAZON-AES)
1 1 199.38.167.131 54312 (ROCKETFUEL)
1 3.135.132.32 16509 (AMAZON-02)
14 2620:100:a001::4 19750 (AS-CRITEO)
2 74.119.119.147 19750 (AS-CRITEO)
3 2620:100:a001... 19750 (AS-CRITEO)
1 2620:100:a001::9 19750 (AS-CRITEO)
1 1 35.214.155.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 38.68.201.140 174 (COGENT-174)
3 3 35.211.178.172 15169 (GOOGLE)
2 2 52.206.103.177 14618 (AMAZON-AES)
1 202.233.84.1 131957 (MICROAD M...)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 34.160.55.127 15169 (GOOGLE)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 104.117.182.27 20940 (AKAMAI-ASN1)
159 36
29    192.185.177.61 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br184-ip04.hostgator.com.br
iraidesousa.com.br
1    2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
13    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.251.40.226 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
www.googleadservices.com
2    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
7    2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
9    2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
3    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    23.52.163.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-93.deploy.static.akamaitechnologies.com
contextual.media.net
7    23.77.172.28 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-172-28.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
cs.media.net
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
20    142.250.80.2 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
cm.g.doubleclick.net
4    2606:ae80:1471:1a::1370 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    52.71.238.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-238-40.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.71.215.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-215-87.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    18.211.192.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-192-157.compute-1.amazonaws.com
fksnk.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
1    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
14    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
3    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
1    2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)
imageproxy.us.criteo.net
1    35.214.155.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.155.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    38.68.201.140 (Levittown, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    52.206.103.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-103-177.compute-1.amazonaws.com
ads.avct.cloud
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    34.160.55.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.55.160.34.bc.googleusercontent.com
akl-navvy.media.net
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
Apex Domain
Subdomains		 Transfer
32 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
67 KB
29 iraidesousa.com.br
iraidesousa.com.br
436 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
353 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
csm.us.criteo.net — Cisco Umbrella Rank: 2806
imageproxy.us.criteo.net — Cisco Umbrella Rank: 2813
62 KB
14 media.net
contextual.media.net — Cisco Umbrella Rank: 660
warp.media.net — Cisco Umbrella Rank: 2854
lg3.media.net — Cisco Umbrella Rank: 6811
hblg.media.net — Cisco Umbrella Rank: 2292
cs.media.net — Cisco Umbrella Rank: 1532
akl-navvy.media.net — Cisco Umbrella Rank: 19399
148 KB
9 google.com
analytics.google.com — Cisco Umbrella Rank: 166
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
472 KB
6 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 2725
cat.va.us.criteo.com — Cisco Umbrella Rank: 2781
dis.criteo.com — Cisco Umbrella Rank: 626
rtb.va.us.criteo.com — Cisco Umbrella Rank: 5882
81 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3135
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 864
r.turn.com — Cisco Umbrella Rank: 4052
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
249 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 352
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
170 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
192 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4442
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 1944
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 734
2 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1274
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 150
partner.googleadservices.com — Cisco Umbrella Rank: 1120
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
ajax.googleapis.com — Cisco Umbrella Rank: 366
33 KB
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2467
296 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13661
521 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 6916
641 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 5973
731 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 918
256 B
1 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2050
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3185
1 KB
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4925
614 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 798
464 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1567
638 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10942
288 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 357
643 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334
30 KB
159 35
Domain Requested by
29 iraidesousa.com.br iraidesousa.com.br
ajax.googleapis.com
20 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
14 static.criteo.net ads.us.criteo.com
13 pagead2.googlesyndication.com iraidesousa.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.googletagmanager.com
googleads.g.doubleclick.net
9 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
iraidesousa.com.br
7 www.google.com iraidesousa.com.br
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 www.googletagmanager.com iraidesousa.com.br
www.googletagmanager.com
6 contextual.media.net iraidesousa.com.br
contextual.media.net
googleads.g.doubleclick.net
4 dclk-match.dotomi.com 4 redirects
4 www.facebook.com iraidesousa.com.br
3 x.bidswitch.net 3 redirects
3 hblg.media.net googleads.g.doubleclick.net
3 csm.us.criteo.net ads.us.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
iraidesousa.com.br
3 connect.facebook.net iraidesousa.com.br
connect.facebook.net
2 ads.avct.cloud 2 redirects
2 lg3.media.net googleads.g.doubleclick.net
2 cat.va.us.criteo.com ads.us.criteo.com
2 sync.srv.stackadapt.com 2 redirects
2 ums.acuityplatform.com 2 redirects
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 ads.us.criteo.com googleads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 qsearch-a.akamaihd.net
1 rtb.va.us.criteo.com googleads.g.doubleclick.net
1 akl-navvy.media.net contextual.media.net
1 im.bluevoox.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 aid.send.microad.jp googleads.g.doubleclick.net
1 aep.mxptint.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 cs.media.net contextual.media.net
1 imageproxy.us.criteo.net ads.us.criteo.com
1 sync-dmp.mobtrakk.com googleads.g.doubleclick.net
1 a.rfihub.com 1 redirects
1 fksnk.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 beacon.lynx.cognitivlabs.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 px.ads.linkedin.com 1 redirects
1 warp.media.net iraidesousa.com.br
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net iraidesousa.com.br
1 ajax.googleapis.com iraidesousa.com.br
1 fonts.googleapis.com iraidesousa.com.br
159 53

This site contains links to these domains. Also see Links.

Domain
pt.wordpress.org
Subject Issuer Validity Valid
iraidesousa.com.br
R3		 2023-07-19 -
2023-10-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-03 -
2023-09-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-27 -
2023-09-23		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
sync-dmp.mobtrakk.com
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2023-10-13		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-09 -
2023-11-07		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh

This page contains 16 frames:

Primary Page: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Frame ID: CF4C84176AF471B51C6E71F16C8D1576
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 3AEF4B41C3D848223731A83E95A134C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7006225001390707&output=html&adk=1314090037&adf=164220786&lmt=1692940574&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692904574156&bpp=6&bdt=745&idt=497&shv=r20230823&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6550365149090&frm=20&pv=2&ga_vid=217701084.1692904575&ga_sid=1692904575&ga_hid=1435861192&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44800951%2C31077299&oid=2&pvsid=3457457031583752&tmod=1196797816&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=530
Frame ID: 2FA7CF8F608A48CA761D63252E23B66E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5FD15756ADEBA4F6DCC53F92F6DCA654
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5C014117BDFA5578D81632ED9732C077
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5A535A0CDE898C689E95A2924075FCC8
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Frame ID: 2B6DC7BD09546E4722B7161C2FBB5492
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0D66BF9313785ACDE6625295982A3FA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BAEF61B428FE0D5B123011617D8A05C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43AE2607D0F18366D561033515755FF8
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Frame ID: 345DD39EC89D261D72584A1B5D17B045
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Frame ID: 9DE856F2DEB8126717169493C1C10B26
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4BB6BA574E6577822DB2E69AACDB772B
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2832&&kkdd=A*%7Ch%7CH*39nAu&.d=aJuYuT7gEJagEgJJJgg&xU-f=T&V_-v=T&*U.=aTgu&X_*L=BY5g&*dU=imjgl~akI&*-*U=y5Lu(W0QCaP2jexQ!DUydK%3D%3D&*fdU=JYYEga7gg&_dCL=aJTQJTT&**=jc&_*=rB&*y2V=t3lsF0o&-dU=ikF~70YiA&X-dU=PsrgAaP&yXX-_=a&fff=XClOyB*GOBuRpYphn2.*iDJ*xL_Vbbj86o~OCyOr~GOgdfUEnLvqLF(d.IGjUX9V2Uob-Xp-.n7PQC(T5x4DyK%3D%3D&2_L=g&GK=a&6xU=7&vUXa=imjn5gh0e&vUXY=gg7JiuJEi&(UvXv=_UY%3D26GGZd6fGRG%3DaTZpxLf-V%3DTwYEZ.KRLQ*%3DTwuaZ.d_R_U%3DgEuZ6fGRf-_R(%3DiwTEZUpVR(%3DTwuiZU*Y%3DaZ_*U%3DDGZfvL%3DT%2CTZ.Rv_2%3DuTTuZUpVRG%3DYTZ.GYfR_U%3DYTY5TiY7TJZd6fGR(%3DEa7wJ7Z6fGRX)*%3DTZ6fGRfYvR(%3DTZ_XU%3Da5a7TuTT57Zsk%3Dw1.Lfdw1ZfvX%3DTwTTT%2CTZGv_X%3DZ*.px%3DYwTYZ.d_R6fGR(%3DTwg7Z.GYfRdR_U%3DYTY5TiY7T5Zd-%3DopUt)-D2uW)dDv7koV_9sZD((%3DTZ.d_R6fGRG%3DTZfdd-6v%3D5g%2C5gZLX%3DaJZf*%3DaZfd_6dU%3DT%2CTZ.GYfRdR(%3DTwTaZf-_R_U%3DYTY5TiY7aYZ.d_R(%3DEuEwg5ZfvU.%3DTwTTT%2CTZ6fGR(%3Daw7Z.GYfR6fGR(%3DTZ.GYfR6fGR.d%3Da9OaJZ6fGRX.d%3DTZ6fGRG%3DaTZ_G.%3DYiwJgZx*vX%3DOaZ((%3DauJZ..%3DTZ*.GYfR_U%3DgiYZfD.%3D7YwiYZGYfR(%3DaTTTZLf-V%3DTwYEZ.GYfR6fGR)*%3DT9TZ(V%3DaZf)L%3DT%2CTZfvU-%3DTwTTT%2CTZv5-R(%3Dgwau%2CiEwagZ_dU%3DJYYEga7ggZ_U%3DaZ6dU%3DYNvA-XfXGL~Ftu.t.xZ6fGRf-_R)*%3DTZ*.GYfR(%3DYwTYZ(XU%3D5Tii7JJJ7aui55aJiaTJgia55TEaiYTTJ5aJg7iY5JaT7u5TTYE7Y7gEaaETT5YEi7TEJYg5u577YY5gYaJTEggYugETu7EJJi5EEJTZ.K6%3DTwuaZUY-RG%3DaTZ*.GY%3DYwTYZ5-*D%3Duuiwg7Z6dV%3DTZf)X%3DTwTTT%2CTZUVVR_Xfx%3DyvfVp2WZUY-R(%3DaZpxUY-R(%3DTwuiZ__%3D03Z**%3DjcZ6dK%3DOaZ*L%3DTZf-_R(%3DiEwagZ6fGR_f-_R(%3DiwTEZf*.%3D7YwiYZmN%3DYuiuZf)K-%3DTwTTT%2CTZ)(R6*%3DOYZ2X_%3DYZ)(R**)_%3DOYZskY%3Dw1.Lfdw1Z*X%3DXvV-vZ(__RhP8%3D03%2C03Zf)KU%3DTwTTT%2CTZ(v_d_Y%3DauJZ(v_d_a%3DauJZd_lLD%3DTZkr%3DTZd_dD%3DTZ6fGRf-*R(%3DTZ(dU%3DTwYEZU*%3DiZ6fGRf-_Rf.%3DTZ.GYfR(%3D5wiuZ*(U-%3DTwagaZ_U%3DaZdXW-LRdU%3DaEZ_LGGLfRXvxRdU%3Da5a7TuTT57Z_6--GWRXvxRdU%3DZULXL*XLURXvxRdU%3DZ.dLKv(dGdXW%3DTwuaZ-p_%3DaZv*RXW-L%3DaZvU(G)%3Da5a7TuTT57ZvV-%3DaZpx(dU%3DTwYETZ(DGf%3DTwTaTZ_6dU%3Dm39c9kn-Oua5.t5jkI(r-eDO7LpZUX*%3DLv_XR_*ZUVVRLf-V%3DDvG_LZUVV%3DyvfVp2WZ(U-*v-U%3DTZUvGx%3DULDv6GXZ_p(-%3DTwa7ZQdU%3D3q!O-6(OETTJYYgTTa5uTETEZyXVG%3DaZU*6X%3D7gZUpx(%3DTOaZd(*%3DaZ2_C%3DYZXx_%3DaYTQJTT%7CaJTQJTTZ(_(%3DTZ(_-%3DTZXVQ%3DYga&2X.=T&VVV=6!p_0DNq49)%3D&dK=T&d2NDf=a&(UfNU=Yu7&(dU=55Euug&V*D=ETaJT&WU_-f=a&(vL=n7vxvLCnQ0&)vX-fL=a&)v_X_=X_XW-L%3DOaT7Ti%7C%7Cx(dU%3DOa&)vX(dU=OYa&)vXdU=iTiTgi7iT&)v-*=E&)vG_=XXW-L%3DaTTau%7C%7C-X%3Da%7C%7CGVdU%3D2v%7C%7C*Xf%3DTwYg%7C%7Cf-*%3DT%7C%7CXXU%3Di&)vXv=vXp2&)vGpx=cNq%3Di%7C%7CtNq%3DT%7C%7CskPq%3DJ7T%7C%7CcN%3D55aT%7C%7CPkPq%3DagT7gEguEiTaagJTgJgiT%7C%7CsN%3D55aY%7C%7CPBNq%3DJ%7C%7CjjNq%3DYNv)ItdBgIbUPqy-!m%7C%7CmN%3D55aY&d_dU=Y&-xdU=-TaJEi7uuTY5XYTY5TiY7auaJ&__GU=%7B%22__d-%22%3A%22YTTa%3ATggT%3AaUTg%3ATTTT%3ATTTT%3ATTTT%3ATTTT%3ATTTT%22%2C%22__**%22%3A%22jc%22%2C%22___*%22%3A%22rB%22%2C%22__*XW%22%3A%22XvV-v%22%7D&yXVG_f*=a&ure=1
Frame ID: 974D5E719D548C5327805B7AF5C984DF
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUB35KNQ&prvid=462%2C99%2C77%2C20000%2C313%2C359%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 4277003A125DEE5E6CA2B63FBD5331B1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FBE28BF6C5DA74F0357F0985B4100452
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Página não encontrada – Iraide Sousa

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

159
Requests

87 %
HTTPS

54 %
IPv6

35
Domains

53
Subdomains

36
IPs

3
Countries

2087 kB
Transfer

5844 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10986192534/?random=1496570088&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&label=HT3xCPz8koQYEJb9z_Yo&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=fqznZLeSH5mloPMPsuysgA0&sscte=1&crd=&pscrd=EkxDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaVVBOGtJSHFqYjdhNmhLQjJJMTlUdm9Jc01TcFBQOHJRNWJHWDJVU1FJYkZHZ0h1a1BfGldDaEFJOFAtYnB3WVF0dURDaE15czhNMTlFaTBBdU5Ncy1DaWRyWGo5cWRxOTVrSnVXdjBmeDlzbVY0eXJ4SFQzWXo3c0V5Z3Q2WnlTZnJFS2gwSFlVTjgiEwi3ybX-gPaAAxWZEmgIHTI2C9A HTTP 302
  • https://www.google.com/pagead/1p-conversion/10986192534/?random=1496570088&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&label=HT3xCPz8koQYEJb9z_Yo&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaVVBOGtJSHFqYjdhNmhLQjJJMTlUdm9Jc01TcFBQOHJRNWJHWDJVU1FJYkZHZ0h1a1BfGldDaEFJOFAtYnB3WVF0dURDaE15czhNMTlFaTBBdU5Ncy1DaWRyWGo5cWRxOTVrSnVXdjBmeDlzbVY0eXJ4SFQzWXo3c0V5Z3Q2WnlTZnJFS2gwSFlVTjgiEwi3ybX-gPaAAxWZEmgIHTI2C9A&is_vtc=1&ocp_id=fqznZLeSH5mloPMPsuysgA0&cid=CAQSLABpAlJWskD0opeD579w4lPvTDB4AgIim3gNuLsMKWIuEkHgqYu2EJ4C2cr9&random=585436665
Request Chain 90
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1&google_push=AXcoOmR1eFtxzdJWUxeMSkU8yE-yY6_3HfJweSBH6Fo7yuJEkLsTE5mVLMEOBWIt7kK0v5YosTiO2AhaGXF6_np2G8h1N4tb9jiFKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5Mjg2ODUwNTUxMjczNDQ5Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
Request Chain 91
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmR6fM7eOSD0PWEmvCcEFzV7_-djcgMOpFiKN5JSurEF08mT9JVLe6KyutG29093PeHK2H5mP3DEYiyoupW8YGSaMoHDm4iK HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2c38f909da3d064f&is_secure=true&networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmR6fM7eOSD0PWEmvCcEFzV7_-djcgMOpFiKN5JSurEF08mT9JVLe6KyutG29093PeHK2H5mP3DEYiyoupW8YGSaMoHDm4iK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJROINJnsnBgNk3uN-AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_push=AXcoOmR6fM7eOSD0PWEmvCcEFzV7_-djcgMOpFiKN5JSurEF08mT9JVLe6KyutG29093PeHK2H5mP3DEYiyoupW8YGSaMoHDm4iK
Request Chain 92
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENdvCNoY_i7bucl_hIs4510&google_cver=1&google_push=AXcoOmQF9QhtRKgDSnLQ2qaDthP6vZ8ZNU0Q0vXvWDugzFNWNmm_UZ4mZ6G3sfTheb5YmAsClTR9P5b3dCm7nFzER9JpH5ig6HbqVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQF9QhtRKgDSnLQ2qaDthP6vZ8ZNU0Q0vXvWDugzFNWNmm_UZ4mZ6G3sfTheb5YmAsClTR9P5b3dCm7nFzER9JpH5ig6HbqVA
Request Chain 93
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEP_iwX5LecMZw6TsAjUhHEc&google_cver=1&google_push=AXcoOmSoeFOxa6aZZTSnHqSOWovMubPwqUe8eHuwxTuS8C0S4XXCZVb8SOkCIq-1uG7Tcvy_JCG9N9-TPQRmSwi06mdEOchw7ZHBcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
Request Chain 94
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBt5lmoEhW8zR8_vHMPMWcU&c_param1=AXcoOmQ-N-_ydyPaSSc9riU6iLK995DYe5wQ3-KtJ0dKdUE0XOWhzofn10NfEzA-b62bBuV_tQkLajF2DnOiourabhzeTYL7mtLmeg&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ-N-_ydyPaSSc9riU6iLK995DYe5wQ3-KtJ0dKdUE0XOWhzofn10NfEzA-b62bBuV_tQkLajF2DnOiourabhzeTYL7mtLmeg
Request Chain 95
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKEeQ-WqcuMFczL2QYjnLQI&google_cver=1&google_push=AXcoOmQsIVeHCqYP3ikUlDqWXfBjxifLFzkSr4ASmZjQQ-iozPJh3W7OnwSxsZr6asLmNUxUKlmsiYj03fTjKvzmpLIAZ93ketXs9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmQsIVeHCqYP3ikUlDqWXfBjxifLFzkSr4ASmZjQQ-iozPJh3W7OnwSxsZr6asLmNUxUKlmsiYj03fTjKvzmpLIAZ93ketXs9g
Request Chain 96
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMkt9EKXkhbEXorZLUeA74E&google_cver=1&google_push=AXcoOmSs97k5_fzFAnVV3zImVWAHDxjQ-CCeNuWj5j5ddyqOucrEvojg8U3bbleTQxQm2zkISQrCUPTgv44c3zdO2oTroXd_-i7-5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=rwx1ZzGZo0G55UvbxqhLNQ&google_push=AXcoOmSs97k5_fzFAnVV3zImVWAHDxjQ-CCeNuWj5j5ddyqOucrEvojg8U3bbleTQxQm2zkISQrCUPTgv44c3zdO2oTroXd_-i7-5w
Request Chain 102
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1&google_push=AXcoOmT-PAYM7gJd7V-KubjcBp48Jtf3aDb5KNYnbHk3lfL6i4sVK31x5TOX-WhL2rzbkO-fDZjapjeuuQssHc9jtOSEDnhf0FTy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5Mjg2ODUwNTUxMjczNDQ5Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
Request Chain 104
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmQBfvwEVtgkvoG769xeUaf30vgZSqTVSR23IbKFk8ejpw5h5DV-eKF9itBf0-nJuUWFscrrZMyB0eh8MaSYSQ0SvnxILXSxDQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3f0a39b02b7e1a17&is_secure=true&networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmQBfvwEVtgkvoG769xeUaf30vgZSqTVSR23IbKFk8ejpw5h5DV-eKF9itBf0-nJuUWFscrrZMyB0eh8MaSYSQ0SvnxILXSxDQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH0rC0HCGnhgMrbHq5AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_push=AXcoOmQBfvwEVtgkvoG769xeUaf30vgZSqTVSR23IbKFk8ejpw5h5DV-eKF9itBf0-nJuUWFscrrZMyB0eh8MaSYSQ0SvnxILXSxDQ
Request Chain 105
  • https://fksnk.com/cs/google?google_gid=CAESEOkCAmxuyIH4ZrTE6HaqDRs&google_cver=1&google_push=AXcoOmQ9-of87P3QqrQ2rDwqJ9PB64Zm-r6dZXZBKZ6d63R0h1L5xRbkrLyvtGkgRCqn3bo3WbVjVu-DAxrtrTMyJTwDOFffmX6zMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0FFQTVCNzFEQTkwM0NFNA==
Request Chain 106
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEP_iwX5LecMZw6TsAjUhHEc&google_cver=1&google_push=AXcoOmTlJ1dylzkBa-6_Hj4PqjrQiXfBCMBwR6HTut8aSs9Y2TI5VzIm_QHvd7dRKk8BUMK3o66oXXybyJ4STobzUBdAOdClA3crzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
Request Chain 107
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENNg_mS-6gcy5uhBV4CZHrM&google_cver=1&google_push=AXcoOmRdLVWqPDqwOE2dVWAQK9EFlWobHLNTD3juhr41ydp_8Xe-2HAt7fugoNYUJIXQ7uOFuN3B4siGsQOPH8en5lr-hbLBG5Eo6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRdLVWqPDqwOE2dVWAQK9EFlWobHLNTD3juhr41ydp_8Xe-2HAt7fugoNYUJIXQ7uOFuN3B4siGsQOPH8en5lr-hbLBG5Eo6A&google_hm=MjQwMDM2MDAxMTQzNTgyMzg2Nw==
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzM1OTA2MTc2MTUyMzU2MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJ9-7_36ZW5YSGl9OV4JWoU&google_cver=1
Request Chain 135
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=079cca8f-ca21-4704-bff9-5f4dc7ad43d9&type=loop&gdpr_consent=null&gdpr=0
Request Chain 136
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ_bOWOlWVFRadTY_DaxH-E&google_cver=1&google_push=AXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_bOWOlWVFRadTY_DaxH-E&google_cver=1&google_push=AXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 137
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEEOPxWeXJNoWndJTYcVx1HE&google_cver=1&google_push=AXcoOmSI4IekZdARE-pflGZyeFn1mQZTzkpAgldNyhFGpxNzVle__co_M498Tr3cMX3Ly-p5gw0fObl4PvLizmq7UtbdeewMgZuh5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSI4IekZdARE-pflGZyeFn1mQZTzkpAgldNyhFGpxNzVle__co_M498Tr3cMX3Ly-p5gw0fObl4PvLizmq7UtbdeewMgZuh5g&google_hm=UjM1Q0E1XzEwN0VEMDI2NF8zODQzNDc2Ng%3D%3D
Request Chain 138
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOhLwxqJh3CnS0Yt9uT_lNA&google_cver=1&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpEDtXV-2QOBYA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOhLwxqJh3CnS0Yt9uT_lNA&google_cver=1&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpEDtXV-2QOBYA HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=021b4fa1-a022-44f4-883a-c6c6648ac39a&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpEDtXV-2QOBYA&google_hm=WyPkL3N9TIedckJcQkQxwA==
Request Chain 141
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKEeQ-WqcuMFczL2QYjnLQI&google_cver=1&google_push=AXcoOmSLkRtMSdqgFA8Pcil70yrPFWwlI-irEVwEhxcC9RJ9QA7Djd0eZCgZM4fvVfBiZuXlrL5phqMlDSHTxA8z481mTTkoHGykPNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmSLkRtMSdqgFA8Pcil70yrPFWwlI-irEVwEhxcC9RJ9QA7Djd0eZCgZM4fvVfBiZuXlrL5phqMlDSHTxA8z481mTTkoHGykPNY
Request Chain 142
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKL_GqTqwx3s0Y_EfLoZ4yk&google_cver=1&google_push=AXcoOmQPpBnSCMQKO2OmwOHtlw6Pt-EKk2TDpepZdMqpGF0MzPcejpPn2panRznIPOySo-V8YBwPxYWzQri8RGDzSzdK3mZSty6GgA6F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQPpBnSCMQKO2OmwOHtlw6Pt-EKk2TDpepZdMqpGF0MzPcejpPn2panRznIPOySo-V8YBwPxYWzQri8RGDzSzdK3mZSty6GgA6F&google_hm=QlMuYWIwYS02MGRlLTRjNzQtOWYzNw==

159 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request verify.php
iraidesousa.com.br/logs/Wellsv2/Update/ 		58 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
b99dc75119f62db24faeee8cb147fab00d5966b561d1804334a01affc4cb79f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Aug 2023 19:16:12 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://iraidesousa.com.br/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Accept-Encoding
style.min.css
iraidesousa.com.br/wp-includes/css/dist/block-library/ 		102 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 05:56:58 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
main.css
iraidesousa.com.br/wp-content/plugins/advanced-responsive-video-embedder/build/ 		2 KB
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/advanced-responsive-video-embedder/build/main.css?ver=b087dd41bba279baeb77
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
353e17abf25c7dbf22619f4e4fef805bf0b968ac89af146343561746fd1b4d40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 21:23:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
602
style.css
iraidesousa.com.br/wp-content/themes/twentytwenty/ 		119 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/themes/twentytwenty/style.css?ver=2.2
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
fbd62dc59a698f8af8ad6ad03ac7d01c0160e879761e68b8de1b2004f572a45f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 18:18:35 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
elementor-icons.min.css
iraidesousa.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.21.0
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
8631189ca38e73206e52ed06e8f0f3b2e839b9facc236b9519b9fd8d7f8d63e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Sun, 20 Aug 2023 16:04:41 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4055
frontend-lite.min.css
iraidesousa.com.br/wp-content/plugins/elementor/assets/css/ 		109 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.15.3
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
972341a5962040766949a0ab1517e1e9e02137e793c80ca98994b8f8e66c1189

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Sun, 20 Aug 2023 16:04:41 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
swiper.min.css
iraidesousa.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Sun, 20 Aug 2023 16:04:41 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3188
post-12.css
iraidesousa.com.br/wp-content/uploads/elementor/css/ 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/uploads/elementor/css/post-12.css?ver=1683655241
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
fe820a214b804aacb3a07caad48cd948878cfbeef9089680f99e8037e5153ad6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 18:00:41 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
391
frontend-lite.min.css
iraidesousa.com.br/wp-content/plugins/elementor-pro/assets/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.4
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
43a1639e9c2a26251797c2f35727aee7a8f9ba2b8468b9e7d621a88fc0915489

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 18:02:16 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1838
global.css
iraidesousa.com.br/wp-content/uploads/elementor/css/ 		38 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/uploads/elementor/css/global.css?ver=1683655242
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
73bb16d91c22da6203031bbb8abb319d861bc294248fc7c149aefdf67c3e70ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 18:00:42 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3967
css
fonts.googleapis.com/ 		44 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af56f9a97ba9853d88e0dc672d67e32e3ff2f829df312625ef64a878f8632cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:59:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Aug 2023 19:16:13 GMT
jquery.min.js
iraidesousa.com.br/wp-includes/js/jquery/ 		85 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 05:56:58 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
iraidesousa.com.br/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 05:56:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5422
index.js
iraidesousa.com.br/wp-content/themes/twentytwenty/assets/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/themes/twentytwenty/assets/js/index.js?ver=2.2
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
6a9c7d809cf7886b0418e90771e5cb9b0d04c7fa4da523ca397698c3a4b4de86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 18:18:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
9092
jquery.bind-first-0.2.3.min.js
iraidesousa.com.br/wp-content/plugins/pixelyoursite/dist/scripts/ 		1 KB
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.3
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 16:05:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
689
js.cookie-2.1.3.min.js
iraidesousa.com.br/wp-content/plugins/pixelyoursite/dist/scripts/ 		2 KB
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 16:05:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
897
public.js
iraidesousa.com.br/wp-content/plugins/pixelyoursite/dist/scripts/ 		108 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.4.2
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
ffe894f0b96b4663c3e50d90cc93d2a99e2d2fb8e1aa87be6a9fd8a6be9dfad4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 16:05:04 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-249563276-1
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94627793540e9cee039c3a3ea69e2d8f08d4dea1b76ea697fe0a9a8f0ad31d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66493
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:02:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 19:16:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 11:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Aug 2024 11:00:07 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 		190 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iraidesousa.com.br/
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 24 Aug 2023 19:16:13 GMT
x-content-type-options
nosniff
content-encoding
br
age
12843748
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11092527647
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d690fc05671f14c75a2edd50d0e1b93ce5cc30e65cc208eb5515e6bfa783350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79416
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:02:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 19:16:13 GMT
js
www.googletagmanager.com/gtag/ 		143 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10986192534
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d94a4b3a36115b4bd8da5f452aaf76ab66217bc07499c2e838239a585cdd79cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55802
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:02:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 19:16:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7006225001390707
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5fcb880d5f3956ab4a1a0fa69311c0d124a41c86db52cb96524d799e4bf644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51567
x-xss-protection
0
server
cafe
etag
15914303383918887903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:13 GMT
wp-polyfill-inert.min.js
iraidesousa.com.br/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 05:59:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2977
regenerator-runtime.min.js
iraidesousa.com.br/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 05:59:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2726
wp-polyfill.min.js
iraidesousa.com.br/wp-includes/js/dist/vendor/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 05:56:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
6842
hooks.min.js
iraidesousa.com.br/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 05:56:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1619
i18n.min.js
iraidesousa.com.br/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 05:56:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3951
player-static.js
iraidesousa.com.br/wp-content/plugins/presto-player/src/player/ 		506 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/presto-player/src/player/player-static.js?ver=1690567049
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
b75edb1970d8496cecc8b67b9e78a8d9f39147c9f031c2a32e5589ba718ed2a1

Request headers

Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Fri, 28 Jul 2023 17:57:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
301
main.js
iraidesousa.com.br/wp-content/plugins/advanced-responsive-video-embedder/build/ 		1 KB
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/advanced-responsive-video-embedder/build/main.js?ver=b087dd41bba279baeb77
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
51b0666e8acb6f6722ce116f670d1b0a8216515122a68333e841bff36697d32d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 03:08:48 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
529
print.css
iraidesousa.com.br/wp-content/themes/twentytwenty/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/themes/twentytwenty/print.css?ver=2.2
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 18:18:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1044
bd7bb112-f8a9-4c01-a50b-71aab90ba2a9
https://iraidesousa.com.br/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://iraidesousa.com.br/bd7bb112-f8a9-4c01-a50b-71aab90ba2a9
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Aug 2023 19:16:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
KPYtyKN9p9dRBPxk34/YhFBiwKRO7f2FtdGEYZar4J8BYfEuOydLsPB9/IpAzuj086L6+bliTdwl9Z3qFm6rcw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
Inter-upright-var.woff2
iraidesousa.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/ 		219 KB
219 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/wp-content/themes/twentytwenty/style.css?ver=2.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Request headers

Referer
https://iraidesousa.com.br/wp-content/themes/twentytwenty/style.css?ver=2.2
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
last-modified
Sat, 01 Apr 2023 18:18:35 GMT
server
Apache
accept-ranges
bytes
content-length
223892
content-type
font/woff2
gtm.js
www.googletagmanager.com/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GTWGK7
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e20207d99d72bcf152629cb030d2293727b79169b1b9445025d5ede5ba749ae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42970
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:02:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 19:16:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7006225001390707
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f900c92e15525208a986ca0f69cb73bb1e2c99db70c9c8d6b6041ae5255ac987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51566
x-xss-protection
0
server
cafe
etag
13836902322875378228
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 16:08:08 GMT
x-content-type-options
nosniff
age
97686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Aug 2024 16:08:08 GMT
web-components.esm.js
iraidesousa.com.br/wp-content/plugins/presto-player/dist/components/web-components/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/presto-player/dist/components/web-components/web-components.esm.js?ver=1690567049
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/wp-content/plugins/presto-player/src/player/player-static.js?ver=1690567049
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
ef620b01b8627349f17be8559276b127293de81c1b8a9f6e5cce6b6e1a3c0340

Request headers

Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Fri, 28 Jul 2023 17:57:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1863
wp-emoji-release.min.js
iraidesousa.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:13 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 05:59:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5344
admin-ajax.php
iraidesousa.com.br/wp-admin/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-admin/admin-ajax.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Cache-Control
no-cache
Referer
https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iraidesousa.com.br
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
expires
Wed, 11 Jan 1984 05:00:00 GMT
p-d7399561.js
iraidesousa.com.br/wp-content/plugins/presto-player/dist/components/web-components/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iraidesousa.com.br/wp-content/plugins/presto-player/dist/components/web-components/p-d7399561.js
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.177.61 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br184-ip04.hostgator.com.br
Software
Apache /
Resource Hash
2356df0f2c923f55f1047118d2b7d67548f9a924f41a7d650c5ddb5fdf8edf69

Request headers

Referer
https://iraidesousa.com.br/wp-content/plugins/presto-player/dist/components/web-components/web-components.esm.js?ver=1690567049
Origin
https://iraidesousa.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
gzip
last-modified
Fri, 28 Jul 2023 17:57:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
6347
211112685232198
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/211112685232198?v=2.9.124&r=stable&domain=iraidesousa.com.br
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fe8620c5e443ea8949c20eb522bd89739d22b5de895494724bbb432f17078a0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Aug 2023 19:16:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35437
x-xss-protection
0
pragma
public
x-fb-debug
CoQLE3RkjeLFIU13MixRaWDyJVuvDqDpmtlVTpLWHIv1+6OwEL/twctN93pbMWndavuf6GLPGMbQe7XEX4sX0A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7006225001390707
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2b6e8e72bc82a0b1134c4d767ec29f0b567d6d19268c19c110593e3535561ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134646
x-xss-protection
0
server
cafe
etag
1893709616141042763
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 3AEF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7006225001390707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17416
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 14:25:58 GMT
etag
9878862242593084568
expires
Thu, 07 Sep 2023 14:25:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
688339616634195
connect.facebook.net/signals/config/ 		383 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/688339616634195?v=2.9.124&r=stable&domain=iraidesousa.com.br
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a3f5452d7dcf38ed3fba5d6462476445c26231c1425be79a41bf14b65a49011
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Aug 2023 19:16:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111666
x-xss-protection
0
pragma
public
x-fb-debug
rreenVQ7R8bvs4IB1dUxiNVDrVEdmFrvBndJCHIpLUi+guV3BdD1+u8JatNr/In6KgtIhgOPfrQ1pq4BEbK6Ww==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=211112685232198&ev=PageView&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&rl=&if=false&ts=1692904574228&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692904573870.3582662995&cs_est=true&it=1692904574110&coo=false&rqm=GET
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 19:16:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-249563276-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10986192534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
956c08f48af5065c53950fd966240dac21c7ad14f225e9e7fb2570e53bd7e06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66446
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:02:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 19:16:14 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-P82HG7Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10986192534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
798b20dc2614306e1247389c0662c71780b1e889162d07b63407fe974c7f7819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92685
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 19:16:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10986192534/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10986192534/?random=1692904574296&cv=11&fst=1692904574296&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10986192534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daafe34c8c72998c966de267fa24fb5345c04349a37a896aa553287b630e2bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10986192534/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10986192534/?random=1692904574314&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&label=HT3xCPz8koQYEJb9z_Yo&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10986192534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
6fb04468aecb8e05d49bda01bb3f2548d43430e26cf71fc766fa59c04a972995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1621
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11092527647/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11092527647/?random=1692904574334&cv=11&fst=1692904574334&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11092527647
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23f7f399c7c27a71b7cb3a319f25502cd992ec72307ce2c2fd136b92471933c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L981X73TSS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-249563276-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d53721f43880bf72af389755a24c4da9f0ad7f4f700672daa73c9a44918e1986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78798
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 19:16:14 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-249563276-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 18:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2119
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 24 Aug 2023 20:40:55 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=688339616634195&ev=PageView&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&rl=&if=false&ts=1692904574449&cd[post_type]=false&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=iraidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692904573870.3582662995&cs_est=true&it=1692904574110&coo=false&eid=pFCMnwHKdunwdqJYjjdVlS2LHAEy2OAdUDdj&rqm=GET
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 19:16:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CNJKP478XS&gtm=45Pe38n0&_p=1435861192&_gaz=1&gdid=dZTNiMT&cid=217701084.1692904575&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692904574&sct=1&seg=0&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-P82HG7Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iraidesousa.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CNJKP478XS&cid=217701084.1692904575&gtm=45Pe38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-P82HG7Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iraidesousa.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		403 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=iraidesousa.com.br&callback=_gfp_s_&client=ca-pub-7006225001390707
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
294f511f9b91f1c2a849ed8704c2d7e677fa566ecdb641693f452a36a5f44755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2FA7 		207 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7006225001390707&output=html&adk=1314090037&adf=164220786&lmt=1692940574&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692904574156&bpp=6&bdt=745&idt=497&shv=r20230823&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6550365149090&frm=20&pv=2&ga_vid=217701084.1692904575&ga_sid=1692904575&ga_hid=1435861192&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44800951%2C31077299&oid=2&pvsid=3457457031583752&tmod=1196797816&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=530
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b704b39a9f5af802b9f557ac41a5f4ff660494f79d0bc7df96095f89bc509a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 19:16:15 GMT
expires
Thu, 24 Aug 2023 19:16:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/10986192534/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10986192534/?random=1692904574296&cv=11&fst=1692903600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2566782578&rmt_tld=0&ipr=y
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11092527647/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11092527647/?random=1692904574334&cv=11&fst=1692903600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3762260090&rmt_tld=0&ipr=y
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-L981X73TSS&gtm=45je38n0&_p=1435861192&_gaz=1&cid=217701084.1692904575&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692904574&sct=1&seg=0&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L981X73TSS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iraidesousa.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L981X73TSS&cid=217701084.1692904575&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L981X73TSS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iraidesousa.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/10986192534/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10986192534/?random=1496570088&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fir...
  • https://www.google.com/pagead/1p-conversion/10986192534/?random=1496570088&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flo...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/10986192534/?random=1496570088&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&label=HT3xCPz8koQYEJb9z_Yo&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaVVBOGtJSHFqYjdhNmhLQjJJMTlUdm9Jc01TcFBQOHJRNWJHWDJVU1FJYkZHZ0h1a1BfGldDaEFJOFAtYnB3WVF0dURDaE15czhNMTlFaTBBdU5Ncy1DaWRyWGo5cWRxOTVrSnVXdjBmeDlzbVY0eXJ4SFQzWXo3c0V5Z3Q2WnlTZnJFS2gwSFlVTjgiEwi3ybX-gPaAAxWZEmgIHTI2C9A&is_vtc=1&ocp_id=fqznZLeSH5mloPMPsuysgA0&cid=CAQSLABpAlJWskD0opeD579w4lPvTDB4AgIim3gNuLsMKWIuEkHgqYu2EJ4C2cr9&random=585436665
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/10986192534/?random=1496570088&cv=11&fst=1692904574314&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&label=HT3xCPz8koQYEJb9z_Yo&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=763497265.1692904574&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaVVBOGtJSHFqYjdhNmhLQjJJMTlUdm9Jc01TcFBQOHJRNWJHWDJVU1FJYkZHZ0h1a1BfGldDaEFJOFAtYnB3WVF0dURDaE15czhNMTlFaTBBdU5Ncy1DaWRyWGo5cWRxOTVrSnVXdjBmeDlzbVY0eXJ4SFQzWXo3c0V5Z3Q2WnlTZnJFS2gwSFlVTjgiEwi3ybX-gPaAAxWZEmgIHTI2C9A&is_vtc=1&ocp_id=fqznZLeSH5mloPMPsuysgA0&cid=CAQSLABpAlJWskD0opeD579w4lPvTDB4AgIim3gNuLsMKWIuEkHgqYu2EJ4C2cr9&random=585436665
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1435861192&t=pageview&_s=1&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=409612849&gjid=1408680702&cid=217701084.1692904575&tid=UA-249563276-1&_gid=1017767096.1692904575&_r=1&gtm=457e38n0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=716441416
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iraidesousa.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iraidesousa.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad6c6b06a15e87306e7aef2a7a3105acb6ffb927e6cf30e0d1b95ae8e3b0a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11660
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/reactive_library_fy2021.js?bust=31077299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5e825625d9e4f1a93db56ad5e488b6c48b7406b24ac58698e05566d0340b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53668
x-xss-protection
0
server
cafe
etag
15261433373562877426
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 19:16:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 5FD1 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
16269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 14:45:06 GMT
etag
9878862242593084568
expires
Thu, 07 Sep 2023 14:45:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 5C01 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
16269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 14:45:06 GMT
etag
9878862242593084568
expires
Thu, 07 Sep 2023 14:45:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 5A53 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
16269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 14:45:06 GMT
etag
9878862242593084568
expires
Thu, 07 Sep 2023 14:45:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 2B6D 		116 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
34468a240693cda78a94ab4ea4ddc9f605947ccbd50970afb135ebd9e8234905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 19:16:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=RZ8lXnGfkQx2PfVPKt1MmFwYEPOxR7O0THFQ0M3jjG_gBxdtW4VSGbmqbavsQVWuQMGeUhQoFGcpSzWD5-RfQNsFjaVPGUZj0U7TYgF7wXFQPeheMNYfACJg6sqqQo6ZMngmpVcroA9B04pu76nTI8e1qh_FNF7pIb7K0feQjyRPN72ruR5_LST0lF4n_Z0T1xrpJdJ8jz4m4Iqco6Eu8lCeFUZHk4ZuKGyHVPCj5qgef72va5tWykCPVqHZfX52Iqx-ww"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
14665091
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 5FD1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:12:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A0D6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 16:49:29 GMT
etag
48472445140208031
expires
Fri, 25 Aug 2023 16:49:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 5FD1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:12:10 GMT
l
www.google.com/ads/measurement/ Frame 5FD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQuXySbKCRmMdJeL8G-GnvRXiy4NgskNNeDFLIKXlV4mw_fUgkZ2Bu0RtvazP8WfBRj2Cbj9fFbrtm94yA1p7kfdsz1Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FD1 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BAEF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
51684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 04:54:51 GMT
expires
Fri, 23 Aug 2024 04:54:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 43AE 		829 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a35eb283f9c673160f8b6f352e3c12a3800843fec81f03d2942aa267dc1052c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3wQ7qYEkxaEZ-rB6ox_1Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iraidesousa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-3wQ7qYEkxaEZ-rB6ox_1Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 19:16:15 GMT
expires
Thu, 24 Aug 2023 19:16:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nmedianet.js
contextual.media.net/ Frame 345D 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
df6144f556b1a041f7d67bd6ce5e899d814d8357fd6da9680f46d6b3591d353d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 24 Aug 2023 19:16:16 GMT
server
Apache
etag
"5cd405974ee902b2c4a611572d65e93e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
content-length
35799
expires
Thu, 24 Aug 2023 19:21:16 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 345D 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 24 Aug 2023 19:16:16 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 24 Aug 2023 20:16:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 345D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:12:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 345D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:12:10 GMT
l
www.google.com/ads/measurement/ Frame 345D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9o8kXJj3XdolBMEOIzkBYKL74djP1eullC8qbeF_zXMCBpWza-QPdg8gbJ7kHDqmt9L1fIowemjvI1MSm9G_48_FIqQ
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 345D 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: iraidesousa.com.br
URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:16 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 9DE8 		102 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bd1067b51242ae77f16016b624d12f34bd0b18cae8cae828a3db174bb1d65895
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 19:16:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=3tFun3GfkQx2PfVP8HFDsUnLvNdZfxcz4Z8aS2zTZb7h7O3WNMEygrFANqsFlvIdNvBWK-NcKK9Lv7f6MuYIlBXxGXfY3fZAQka4hfPG5dJl54pVGwkxrgdNc3c3XJxyo0LiH0P7VTcG4VwGoi3aFnvG9QvTymcy4v24Ua2hoidF9W5KFgjUVWVx6vuGWzuNccNPCktUQdAb_jJEN7XArgMYYF8knNOavBl6WX9GLTLVUXQJIQ2J5lZu92KvOVCLbKq9BA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
18575585
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 5A53 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:12:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4BB6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 16:49:29 GMT
etag
48472445140208031
expires
Fri, 25 Aug 2023 16:49:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 5A53 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:12:10 GMT
l
www.google.com/ads/measurement/ Frame 5A53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRer_OcJtQxGhXYHI49P2T1hZ-LwpreJyBahauXYR9E2Plu6OU9rjQS07LTvMmjXyRKfF9wQOmtMTEVdmrrpfyfg9uXkQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A53 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:16:16 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=211112685232198&ev=Microdata&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&rl=&if=false&ts=1692904575834&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692904573870.3582662995&it=1692904574110&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 19:16:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A0D6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1&google_push=AXcoOmR1eFtxzdJWUxeMSkU8yE-yY6_3HfJweSBH6Fo7yuJEkLsTE5mVLMEOBWIt7kK0v5YosTiO2AhaGXF6_np2G8h1N4tb9jiFKA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5Mjg2ODUwNTUxMjczNDQ5Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 24 Aug 2023 19:16:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A0D6
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmR6fM7eOSD0PWEmvCcEFzV7_-djcgMOpFiKN5JSurEF08mT9JV...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2c38f909da3d064f&is_secure=true&networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmR6fM7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJROINJnsnBgNk3uN-AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJROINJnsnBgNk3uN-AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_push=AXcoOmR6fM7eOSD0PWEmvCcEFzV7_-djcgMOpFiKN5JSurEF08mT9JVLe6KyutG29093PeHK2H5mP3DEYiyoupW8YGSaMoHDm4iK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJROINJnsnBgNk3uN-AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_push=AXcoOmR6fM7eOSD0PWEmvCcEFzV7_-djcgMOpFiKN5JSurEF08mT9JVLe6KyutG29093PeHK2H5mP3DEYiyoupW8YGSaMoHDm4iK
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame A0D6
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENdvCNoY_i7bucl_hIs4510&google_cver=1&google_push=AXcoOmQF9QhtRKgDSnLQ2qaDthP6vZ8ZNU0Q0vXvWDugzFNWNmm_UZ4mZ6G3sfTheb5YmAsClTR9P...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQF9QhtRKgDSnLQ2qaDthP6vZ8ZNU0Q0vXvWDugzFNWNmm_UZ4mZ6G3sfTheb5YmAsClTR9P5b3dCm7nFzER9JpH5ig6HbqVA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQF9QhtRKgDSnLQ2qaDthP6vZ8ZNU0Q0vXvWDugzFNWNmm_UZ4mZ6G3sfTheb5YmAsClTR9P5b3dCm7nFzER9JpH5ig6HbqVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 24 Aug 2023 19:16:15 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 804A9388091E42069659C1394D20ADF6 Ref B: MIA301000104023 Ref C: 2023-08-24T19:16:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQF9QhtRKgDSnLQ2qaDthP6vZ8ZNU0Q0vXvWDugzFNWNmm_UZ4mZ6G3sfTheb5YmAsClTR9P5b3dCm7nFzER9JpH5ig6HbqVA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDsA/lORoE4NscG/Ivew==
pixel
cm.g.doubleclick.net/ Frame A0D6
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEP_iwX5LecMZw6TsAjUhHEc&google_cver=1&google_push=AXcoOmSoeFOxa6aZZTSnHqSOWovMubPwqUe8eHuwxTuS8C0S4XXCZVb8SOkCIq-1uG7Tcvy_JCG9N9-TPQRmSwi06mdEOchw7...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A0D6
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBt5lmoEhW8zR8_vHMPMWcU&c_param1=AXcoOmQ-N-_ydyPaSSc9riU6iLK995DYe5wQ3-KtJ0dKdUE0XOWhzofn10NfEzA-b62bBuV_tQkLajF2DnOiourabhzeTYL7mtLmeg&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ-N-_ydyPaSSc9riU6iLK995DYe5wQ3-KtJ0dKdUE0XOWhzofn10NfEzA-b62bBuV_tQkLajF2DnOiourabhzeTYL7mtLmeg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ-N-_ydyPaSSc9riU6iLK995DYe5wQ3-KtJ0dKdUE0XOWhzofn10NfEzA-b62bBuV_tQkLajF2DnOiourabhzeTYL7mtLmeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ-N-_ydyPaSSc9riU6iLK995DYe5wQ3-KtJ0dKdUE0XOWhzofn10NfEzA-b62bBuV_tQkLajF2DnOiourabhzeTYL7mtLmeg
date
Thu, 24 Aug 2023 19:16:16 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame A0D6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKEeQ-WqcuMFczL2QYjnLQI&google_cver=1&google_push=AXcoOmQsIVeHCqYP3ikUlDqWXfBjxifLFzkSr4ASmZjQQ-iozPJh3W7OnwSxsZr6asLmNUxUKlmsiYj03fTjKvz...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmQsIVeHCqYP3ikUlDqWXfBjxifLFzkSr4ASmZjQQ-iozPJh3W7OnwSxsZr6asLmNUxUKlmsiYj03fTjKv...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmQsIVeHCqYP3ikUlDqWXfBjxifLFzkSr4ASmZjQQ-iozPJh3W7OnwSxsZr6asLmNUxUKlmsiYj03fTjKvzmpLIAZ93ketXs9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmQsIVeHCqYP3ikUlDqWXfBjxifLFzkSr4ASmZjQQ-iozPJh3W7OnwSxsZr6asLmNUxUKlmsiYj03fTjKvzmpLIAZ93ketXs9g
Date
Thu, 24 Aug 2023 19:16:16 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame A0D6
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMkt9EKXkhbEXorZLUeA74E&google_cver=1&google_push=AXcoOmSs97k5_fzFAnVV3zImVWAHDxjQ-CCeNuWj5j5ddyqOucrEvojg8U3bbleTQxQm2zkISQrCUPTgv44c3zd...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=rwx1ZzGZo0G55UvbxqhLNQ&google_push=AXcoOmSs97k5_fzFAnVV3zImVWAHDxjQ-CCeNuWj5j5ddyqOucrEvojg8U3bbleTQxQm2zkISQrCUPTgv44c3zdO2oTroXd_-...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=rwx1ZzGZo0G55UvbxqhLNQ&google_push=AXcoOmSs97k5_fzFAnVV3zImVWAHDxjQ-CCeNuWj5j5ddyqOucrEvojg8U3bbleTQxQm2zkISQrCUPTgv44c3zdO2oTroXd_-i7-5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=rwx1ZzGZo0G55UvbxqhLNQ&google_push=AXcoOmSs97k5_fzFAnVV3zImVWAHDxjQ-CCeNuWj5j5ddyqOucrEvojg8U3bbleTQxQm2zkISQrCUPTgv44c3zdO2oTroXd_-i7-5w
Date
Thu, 24 Aug 2023 19:16:16 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame A0D6 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhG1qPBHzS9CMvWZUHIqdFAV1tdJsN4C1bRN_jLesQuJ_lodzg4nKpYheMKwzemw7xHSEoEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=688339616634195&ev=Microdata&dl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&rl=&if=false&ts=1692904575952&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22P%C3%A1gina%20n%C3%A3o%20encontrada%20%E2%80%93%20Iraide%20Sousa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692904573870.3582662995&it=1692904574110&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 19:16:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sodar
pagead2.googlesyndication.com/pagead/ Frame 43AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=3457457031583752&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
pagead2.googlesyndication.com/bg/ Frame BAEF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:16:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
104397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14626
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:16:19 GMT
truncated
/ Frame 5A53 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db6b3c4981004beba1b0ef887106b75b9f86ece94ac7d58fc4609fdce201033d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4BB6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1&google_push=AXcoOmT-PAYM7gJd7V-KubjcBp48Jtf3aDb5KNYnbHk3lfL6i4sVK31x5TOX-WhL2rzbkO-fDZjapjeuuQssHc9jtOSEDnhf0FTy
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA5Mjg2ODUwNTUxMjczNDQ5Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 24 Aug 2023 19:16:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTo_4n4H-6JZFvOi-j3wXQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 4BB6 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECh1bh17PLeiyAjcacPIgN4&google_cver=1&google_push=AXcoOmT2juO60B0Asn_xusELd7BFpnup1kekzV6VqPP_300f0z2boWz-J8Iu0gr0LlcfV_vqr9vI-knj_id2WNK0bJDYuGVVlypwlQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4BB6
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmQBfvwEVtgkvoG769xeUaf30vgZSqTVSR23IbKFk8ejpw5h5DV...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3f0a39b02b7e1a17&is_secure=true&networkId=14000&version=1&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_cver=1&google_push=AXcoOmQBfvwE...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH0rC0HCGnhgMrbHq5AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH0rC0HCGnhgMrbHq5AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_push=AXcoOmQBfvwEVtgkvoG769xeUaf30vgZSqTVSR23IbKFk8ejpw5h5DV-eKF9itBf0-nJuUWFscrrZMyB0eh8MaSYSQ0SvnxILXSxDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH0rC0HCGnhgMrbHq5AAAAAAA&expiration=1692990976&google_cver=1&is_secure=true&google_gid=CAESEECEn2i8njhhGoNlXlTU9J0&google_push=AXcoOmQBfvwEVtgkvoG769xeUaf30vgZSqTVSR23IbKFk8ejpw5h5DV-eKF9itBf0-nJuUWFscrrZMyB0eh8MaSYSQ0SvnxILXSxDQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 4BB6
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEOkCAmxuyIH4ZrTE6HaqDRs&google_cver=1&google_push=AXcoOmQ9-of87P3QqrQ2rDwqJ9PB64Zm-r6dZXZBKZ6d63R0h1L5xRbkrLyvtGkgRCqn3bo3WbVjVu-DAxrtrTMyJTwDOFffmX6zMQ
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0FFQTVCNzFEQTkwM0NFNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0FFQTVCNzFEQTkwM0NFNA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0FFQTVCNzFEQTkwM0NFNA==
date
Thu, 24 Aug 2023 19:16:16 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 4BB6
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEP_iwX5LecMZw6TsAjUhHEc&google_cver=1&google_push=AXcoOmTlJ1dylzkBa-6_Hj4PqjrQiXfBCMBwR6HTut8aSs9Y2TI5VzIm_QHvd7dRKk8BUMK3o66oXXybyJ4STobzUBdAOdClA...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=818280282682
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4BB6
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENNg_mS-6gcy5uhBV4CZHrM&google_cver=1&google_push=AXcoOmRdLVWqPDqwOE2dVWAQK9EFlWobHLNTD3juhr41ydp_8Xe-2HAt7fugoNYUJIXQ7uOFuN3B4siGsQOPH8en5lr-hbL...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRdLVWqPDqwOE2dVWAQK9EFlWobHLNTD3juhr41ydp_8Xe-2HAt7fugoNYUJIXQ7uOFuN3B4siGsQOPH8en5lr-hbLBG5Eo6A&google_hm=MjQwMDM2M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRdLVWqPDqwOE2dVWAQK9EFlWobHLNTD3juhr41ydp_8Xe-2HAt7fugoNYUJIXQ7uOFuN3B4siGsQOPH8en5lr-hbLBG5Eo6A&google_hm=MjQwMDM2MDAxMTQzNTgyMzg2Nw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRdLVWqPDqwOE2dVWAQK9EFlWobHLNTD3juhr41ydp_8Xe-2HAt7fugoNYUJIXQ7uOFuN3B4siGsQOPH8en5lr-hbLBG5Eo6A&google_hm=MjQwMDM2MDAxMTQzNTgyMzg2Nw==
Date
Thu, 24 Aug 2023 19:16:16 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
google
sync-dmp.mobtrakk.com/match/ Frame 4BB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFtmbS3cKpox93q_6nHw1FM&google_cver=1&google_push=AXcoOmRZSAlw8fbYijB1SclJLOt5jojgPibRbToRhJJKPxehv8sywgvs3sy4m53mr7uodMKMM64OJY1keFLOZmMyCIGJrGJ1DK3Z1uc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.135.132.32 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-132-32.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
attr
cm.g.doubleclick.net/pixel/ Frame 4BB6 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHht2LiQs7LJ423HBwsxWl81bi-9co0Z211Y_YL4szhmnzMI5w7i36OmRJGz7lOE0_O4dNR78
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2B6D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 2B6D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2B6D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Aug 2024 19:16:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2B6D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 18 Aug 2024 19:16:16 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 2B6D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=6tQ87TKMoex-gC0eKSOXbbkYHDB3GPlwLws7tPIQIR77OdMYHh5YMHJa4nxeRWhxUYoCAytky3y3YOIXoop3L7xPS6lNVIPPfhSc7BA9fLQXN7U6UiTXlg8NPBezMKe2um-KXrNxJsaUns2svS5A-7QGsgmGL8F6luz7wPlWvXA93FWStLuPIHxMEO947mtc8qR2tUDzHGw2NlvyWggs9IsFV8uXzLEAmkXux8nz22o6UH9Lcn8Krw9ytgT1wDLUkyd_XdJjeCTe-bWiG3gfVWOC5VCiT3yM48KcN5ygX1SYQtS5IWjQqAj8cUEaZ2Pm4m4UoHTsVl3WQnSx52-kIFhnp0g4zFoH2T4wscPUaKLe-JaxxjPpzgrwEC1frPP0oMh90fU3Yb0TvsGce4mBp4P5vEAWAJreH-Kn7oA7gNsXvQDaZkW_eWsYlz3v1LhGISmLz411-DmkIg5yWo6MjH8Upw2Qf7hXIGJPvWyHJ66JToQMTtzdn1WPrVfNKnDsNV5yvw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2878078
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 2B6D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
all
csm.us.criteo.net/ Frame 2B6D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=RZ8lXnGfkQx2PfVPKt1MmFwYEPOxR7O0THFQ0M3jjG_gBxdtW4VSGbmqbavsQVWuQMGeUhQoFGcpSzWD5-RfQNsFjaVPGUZj0U7TYgF7wXFQPeheMNYfACJg6sqqQo6ZMngmpVcroA9B04pu76nTI8e1qh_FNF7pIb7K0feQjyRPN72ruR5_LST0lF4n_Z0T1xrpJdJ8jz4m4Iqco6Eu8lCeFUZHk4ZuKGyHVPCj5qgef72va5tWykCPVqHZfX52Iqx-ww&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Aug 2023 19:16:15 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2B6D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2B6D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdQE0b1jAAaOkW_2_CawOq0OebP61g&u=%7CDUwFaF9B2YeHDmuugyB%2FwiThRFfaL3ikTGsH6AD3TzE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LYAmtQqhcMAaaM0M13B53Zx0v9GePiXJy5gHAhw1eSQ7txFvSwaT_-8sZ-Vt4BHhFNobBYX7eqtjosHYssHxhdRGnygVKbGLQDddBauQWGl3xm4rMn1CapRx3Ci0nKgepsJvexCRF8-HNYd_NurG9Kk8vGo2NMyOKIkmmDnQA5RskZZfW15PU1t7IUhuNizO1uYwku6qP55h4-BAQbowf4xDv3MelOoG1xps1zQoSV2RutELFFaFw4gLE_-CHmYBv4ubWHBgafG2N2il-h7q4W8krJ73GUjw0xjWMmF_T7nDBUXXZ4Z9ybNWcDMv0h-O7rbsfpPaUvfbqJNpGYNd6I6zgE0VG2p38hw9JwumThJPD4TUJnXRMYq-NCMqDSNB0_QMYZ5cXjCObKYiUinpwo0hhIN8q9AaF4VVJe2uQQCH9SfrLorUnodArLzZ6R7vxfmR4LmXmVFMIexMvUwi9oAGV8BYM1qdchWmSPgJ1qk0j3kpP_6trEq0Uir-Ijxqa_DOiugrtAlLbYFYoMeFSQbWaNKsgeNL3qRTapMwYQlHSS_12tEo9SiroMu9pJRDVxW7Gk2lPVu0R0yTkvVciZKRnylixOcjIa4LnHc_8JiFUCjnO4NGnPY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC479DfqznZNTjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6AFP0OKTY_Qr4KucnILewLhpDYuLE7wWOze9l-lXTidg4Zjnkfk1PaySykhfe0_Nff8aVREhN-4IvbhvQXICvyKv0X_UnS4pw2D-SYvI1SmfKUQmz4z6EkIp9bHr-Ex8uZLpWuYnNB3R_7vxnmS3Qp0we7mFY6KfFtI2vphYqYUGA4_bJiqlDxoXAkhaHbIHwMa5FYv2yS61fE5HErmTjlIk1gb24ET4JuP0zYMbVDJxHVyzuoW3ie3PaPLQwrdCSqbNZV1HD1VTTksi6Eub-oaLegm7yrjl6F0QzYEIQ1z4LxUdcFYJE9KhgAb-waHY3IPfnTygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2O-ttnmBQiI8U0CT9q9N000uB2hQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 974D 		81 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2832&&kkdd=A*%7Ch%7CH*39nAu&.d=aJuYuT7gEJagEgJJJgg&xU-f=T&V_-v=T&*U.=aTgu&X_*L=BY5g&*dU=imjgl~akI&*-*U=y5Lu(W0QCaP2jexQ!DUydK%3D%3D&*fdU=JYYEga7gg&_dCL=aJTQJTT&**=jc&_*=rB&*y2V=t3lsF0o&-dU=ikF~70YiA&X-dU=PsrgAaP&yXX-_=a&fff=XClOyB*GOBuRpYphn2.*iDJ*xL_Vbbj86o~OCyOr~GOgdfUEnLvqLF(d.IGjUX9V2Uob-Xp-.n7PQC(T5x4DyK%3D%3D&2_L=g&GK=a&6xU=7&vUXa=imjn5gh0e&vUXY=gg7JiuJEi&(UvXv=_UY%3D26GGZd6fGRG%3DaTZpxLf-V%3DTwYEZ.KRLQ*%3DTwuaZ.d_R_U%3DgEuZ6fGRf-_R(%3DiwTEZUpVR(%3DTwuiZU*Y%3DaZ_*U%3DDGZfvL%3DT%2CTZ.Rv_2%3DuTTuZUpVRG%3DYTZ.GYfR_U%3DYTY5TiY7TJZd6fGR(%3DEa7wJ7Z6fGRX)*%3DTZ6fGRfYvR(%3DTZ_XU%3Da5a7TuTT57Zsk%3Dw1.Lfdw1ZfvX%3DTwTTT%2CTZGv_X%3DZ*.px%3DYwTYZ.d_R6fGR(%3DTwg7Z.GYfRdR_U%3DYTY5TiY7T5Zd-%3DopUt)-D2uW)dDv7koV_9sZD((%3DTZ.d_R6fGRG%3DTZfdd-6v%3D5g%2C5gZLX%3DaJZf*%3DaZfd_6dU%3DT%2CTZ.GYfRdR(%3DTwTaZf-_R_U%3DYTY5TiY7aYZ.d_R(%3DEuEwg5ZfvU.%3DTwTTT%2CTZ6fGR(%3Daw7Z.GYfR6fGR(%3DTZ.GYfR6fGR.d%3Da9OaJZ6fGRX.d%3DTZ6fGRG%3DaTZ_G.%3DYiwJgZx*vX%3DOaZ((%3DauJZ..%3DTZ*.GYfR_U%3DgiYZfD.%3D7YwiYZGYfR(%3DaTTTZLf-V%3DTwYEZ.GYfR6fGR)*%3DT9TZ(V%3DaZf)L%3DT%2CTZfvU-%3DTwTTT%2CTZv5-R(%3Dgwau%2CiEwagZ_dU%3DJYYEga7ggZ_U%3DaZ6dU%3DYNvA-XfXGL~Ftu.t.xZ6fGRf-_R)*%3DTZ*.GYfR(%3DYwTYZ(XU%3D5Tii7JJJ7aui55aJiaTJgia55TEaiYTTJ5aJg7iY5JaT7u5TTYE7Y7gEaaETT5YEi7TEJYg5u577YY5gYaJTEggYugETu7EJJi5EEJTZ.K6%3DTwuaZUY-RG%3DaTZ*.GY%3DYwTYZ5-*D%3Duuiwg7Z6dV%3DTZf)X%3DTwTTT%2CTZUVVR_Xfx%3DyvfVp2WZUY-R(%3DaZpxUY-R(%3DTwuiZ__%3D03Z**%3DjcZ6dK%3DOaZ*L%3DTZf-_R(%3DiEwagZ6fGR_f-_R(%3DiwTEZf*.%3D7YwiYZmN%3DYuiuZf)K-%3DTwTTT%2CTZ)(R6*%3DOYZ2X_%3DYZ)(R**)_%3DOYZskY%3Dw1.Lfdw1Z*X%3DXvV-vZ(__RhP8%3D03%2C03Zf)KU%3DTwTTT%2CTZ(v_d_Y%3DauJZ(v_d_a%3DauJZd_lLD%3DTZkr%3DTZd_dD%3DTZ6fGRf-*R(%3DTZ(dU%3DTwYEZU*%3DiZ6fGRf-_Rf.%3DTZ.GYfR(%3D5wiuZ*(U-%3DTwagaZ_U%3DaZdXW-LRdU%3DaEZ_LGGLfRXvxRdU%3Da5a7TuTT57Z_6--GWRXvxRdU%3DZULXL*XLURXvxRdU%3DZ.dLKv(dGdXW%3DTwuaZ-p_%3DaZv*RXW-L%3DaZvU(G)%3Da5a7TuTT57ZvV-%3DaZpx(dU%3DTwYETZ(DGf%3DTwTaTZ_6dU%3Dm39c9kn-Oua5.t5jkI(r-eDO7LpZUX*%3DLv_XR_*ZUVVRLf-V%3DDvG_LZUVV%3DyvfVp2WZ(U-*v-U%3DTZUvGx%3DULDv6GXZ_p(-%3DTwa7ZQdU%3D3q!O-6(OETTJYYgTTa5uTETEZyXVG%3DaZU*6X%3D7gZUpx(%3DTOaZd(*%3DaZ2_C%3DYZXx_%3DaYTQJTT%7CaJTQJTTZ(_(%3DTZ(_-%3DTZXVQ%3DYga&2X.=T&VVV=6!p_0DNq49)%3D&dK=T&d2NDf=a&(UfNU=Yu7&(dU=55Euug&V*D=ETaJT&WU_-f=a&(vL=n7vxvLCnQ0&)vX-fL=a&)v_X_=X_XW-L%3DOaT7Ti%7C%7Cx(dU%3DOa&)vX(dU=OYa&)vXdU=iTiTgi7iT&)v-*=E&)vG_=XXW-L%3DaTTau%7C%7C-X%3Da%7C%7CGVdU%3D2v%7C%7C*Xf%3DTwYg%7C%7Cf-*%3DT%7C%7CXXU%3Di&)vXv=vXp2&)vGpx=cNq%3Di%7C%7CtNq%3DT%7C%7CskPq%3DJ7T%7C%7CcN%3D55aT%7C%7CPkPq%3DagT7gEguEiTaagJTgJgiT%7C%7CsN%3D55aY%7C%7CPBNq%3DJ%7C%7CjjNq%3DYNv)ItdBgIbUPqy-!m%7C%7CmN%3D55aY&d_dU=Y&-xdU=-TaJEi7uuTY5XYTY5TiY7auaJ&__GU=%7B%22__d-%22%3A%22YTTa%3ATggT%3AaUTg%3ATTTT%3ATTTT%3ATTTT%3ATTTT%3ATTTT%22%2C%22__**%22%3A%22jc%22%2C%22___*%22%3A%22rB%22%2C%22__*XW%22%3A%22XvV-v%22%7D&yXVG_f*=a&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
994ec583b9551d2a3a15e2520cd5e37249a170c046ca88108d2c3e1445f633f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
29630
content-type
text/html
date
Thu, 24 Aug 2023 19:16:16 GMT
expires
Thu, 24 Aug 2023 19:16:16 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-nwnl
bping.php
lg3.media.net/ Frame 345D 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2397&&vgd_cdv=1059&vgd_cage=0&vgd_tsce=L235&vgd_mcf=70160&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=622751455&vi=1692904576157566655&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785191&r=1692904576248&rrr=tzR-hLcl-L9_o2oKBnvc8f6cgesmZZUWuYJ-zh-FJl-5ird7BeaDeObivVlUdtEmndYZptopvB4Txzb03gqfhw%3D%3D&requrl=https%3A%2F%2Firaidesousa.com.br%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fh~eBMJ-Nv9.iu~e8QMQOvXhi~xLjMLEQMGvW.9h~OmYMGv9.iW~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9WfH9F~8xLjMGvhuH.FH~xLjM7UNv9~xLjMLf1MGv9~Q7OvuAuH9i99AH~c0v.*eJL8.*~L17v9.999%2C9~j1Q7v~Nemyvf.9f~e8QMxLjMGv9.XH~ejfLM8MQOvf9fA9WfH9A~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vAX%2CAX~J7vuF~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9u~LEQMQOvf9fA9WfHuf~e8QMGvhih.XA~L1Oev9.999%2C9~xLjMGvu.H~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevfW.FX~yN17vou~GGvuiF~eev9~NejfLMQOvXWf~LkevHf.Wf~jfLMGvu999~JLEYv9.fh~ejfLMxLjMUNv949~GYvu~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvX.ui%2CWh.uX~Q8OvFffhXuHXX~QOvu~x8OvfV1ZE7L7jJ6aqieqey~xLjMLEQMUNv9~NejfLMGvf.9f~G7OvA9WWHFFFHuiWAAuFWu9FXWuAA9huWf99FAuFXHWfAFu9HiA99fhHfHXhuuh99AfhWH9hFfXAiAHHffAXfuF9hXXfiXh9iHhFFWAhhF9~eBxv9.iu~OfEMjvu9~Nejfvf.9f~AENkviiW.XH~x8Yv9~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWh.uX~xLjMQLEQMGvW.9h~LNevHf.Wf~%3DVvfiWi~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~c0fv.*eJL8.*~N7v71YE1~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fh~ONvW~xLjMLEQMLev9~ejfLMGvA.Wi~NGOEv9.uXu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvuAuH9i99AH~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iu~EmQvu~1NM75EJvu~1OGjUvuAuH9i99AH~1YEvu~myG8Ov9.fh9~GkjLv9.9u9~Qx8Ov%3DK4b40REoiuAeqAP0%2FGsEgkoHJm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv9.uH~-8OvKrtoExGoh99FffX99uAi9h9h~w7Yjvu~ONx7vHX~OmyGv9ou~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfXu&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%2271YE1%22%7D&vgd_bid=337995&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1692904576179831431&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUB35KNQ&vgd_hb_audit_2=554689678&vgd_pgid=p01678499023t202308241916&vgd_pgids=1&vgd_uspa=0&hvsid=00001692904576242006462152351422&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 24 Aug 2023 19:16:16 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 24 Aug 2023 19:16:16 GMT
checksync.php
contextual.media.net/ Frame 4277 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUB35KNQ&prvid=462%2C99%2C77%2C20000%2C313%2C359%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20548389ff56f97ddc71b7a67cd3dbbedb0c7721c2db642b9949df68cdca9891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9687
content-type
text/html; charset=UTF-8
date
Thu, 24 Aug 2023 19:16:16 GMT
expires
Sat, 26 Aug 2023 19:16:16 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 345D 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5599&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUB35KNQ&reqid=cVgHPDfN-BgDtF5NN9D2ag&vid=cVgHPDfN-BgDtF5NN9D2ag&dn=iraidesousa.com.br&rawDn=iraidesousa.com.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Firaidesousa.com.br%2Flogs%2FWellsv2%2FUpdate%2Fverify.php&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=FL&ct=tampa&zip=33018&pubid=pub-ADX-125388931573&tgtval=pub-ADX-125388931573&csip=rtb-appnexus-6d4778956-xlcj8.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=202&sckfl=1&suid=CAESEPBp-913vH3UPVbFpQf-4eo&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm6fZbcp0ATa4oh8xLP7zbZ-1tmCGNBCIPKmH_6hAKvksdFp21-97zfs9q4gZovCyd0F&pexid=ADX-pub-7006225001390707&geoll=true&is_ortb=false&s_ip=172.217.36.136&s_city=atlanta&commit_id=53420152&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-08-24+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&rtttime=40&req_tid_present=false&pvid=294&prvAccId=622751455&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=554689678&prspt=headerBid&prvReqId=25033005346848_346935670_55468967822941&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.270&cbdp=0.151&og_cbdp=0.270&ogbdp=0.27&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.151&dt=O&dbf=1&epc=622751455&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-622751455-34-26&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=91&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1692904574909&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.27&dmm_erpm=true&dmm_ogerpm=false&bcrid=8032948058480&strg=HARMONY&vls=0&scrid=8032948058480&mang=1&pvdTmax=251&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apPrfs%3C%3E=60%23%2331%23%2365%23%2313%23%2310&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU5RJ1PV&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUB35KNQ&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=5fecf81b3c&is_video_cmp=false&acid=0b79412cb88f4d26aedbb50013559fd9&rtime=17.0&wsip=mowx-lite-6bc87c4bfb-hshjc&ltime=31.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1314090034&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=0b79412cb88f4d26aedbb50013559fd9_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=cVgHPDfN-BgDtF5NN9D2ag&supplyTagId=1314090034&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&actltime=32&debug_ts=2023-08-24+19%3A16%3A14&__expireat=1692905175164&mview=1&sc_pvid=462&sc_ogbdp=0.14&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.140&sc_cbdp=0.140&sc_advUrl=https%3A%2F%2Frelated.healthyfacts.net&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.27~vw_exc%3D0.91~vis_sd%3D579~url_rps_b%3D8.07~dom_b%3D0.98~dc2%3D1~scd%3Dfl~rae%3D0%2C0~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2023082406~iurl_b%3D714.64~url_tkc%3D0~url_r2a_b%3D0~std%3D1314090034~MP%3D.*veri.*~rat%3D0.000%2C0~last%3D~cvog%3D2.02~vis_url_b%3D0.54~vl2r_i_sd%3D2023082403~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D35%2C35~et%3D16~rc%3D1~risuid%3D0%2C0~vl2r_i_b%3D0.01~rps_sd%3D2023082412~vis_b%3D797.53~radv%3D0.000%2C0~url_b%3D1.4~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~slv%3D28.65~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D582~rfv%3D42.82~l2r_b%3D1000~erpm%3D0.27~vl2r_url_kc%3D0E0~bm%3D1~rke%3D0%2C0~radp%3D0.000%2C0~a3p_b%3D5.19%2C87.15~sid%3D622751455~sd%3D1~uid%3D2IaGptrtleJOH9vHvg~url_rps_kc%3D0~cvl2r_b%3D2.02~btd%3D3088466641983316810658133071820063165482361049300274245711700327840762539344223521607552957094766837760~vwu%3D0.91~d2p_l%3D10~cvl2%3D2.02~3pcf%3D998.54~uim%3D0~rkt%3D0.000%2C0~dmm_strg%3Dharmony~d2p_b%3D1~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D87.15~url_srps_b%3D8.07~rcv%3D42.82~CI%3D2989~rkwp%3D0.000%2C0~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~MP2%3D.*veri.*~ct%3Dtampa~bss_KTW%3DNA%2CNA~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~PF%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.27~dc%3D8~url_rps_rv%3D0~vl2r_b%3D3.89~cbdp%3D0.151%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D1314090034%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.91%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1314090034%7Eamp%3D1%7Eogbid%3D0.270%7Ebflr%3D0.010%7Esuid%3DCAESEPBp-913vH3UPVbFpQf-4eo%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Esobp%3D0.14%7Exid%3DADX-pub-7006225001390707%7Ehtml%3D1%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D251&utime=1354&sf=0&cpr=0.5546880144595343
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 24 Aug 2023 19:16:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FBE2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 16:49:29 GMT
etag
48472445140208031
expires
Fri, 25 Aug 2023 16:49:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9DE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9DE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9DE8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Aug 2024 19:16:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9DE8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 18 Aug 2024 19:16:16 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 9DE8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=WC3CJ72gOptNcE2nNAMBHo8hYk8fxDLDOIMeQcf6tCko0cZAjg6rgPU9ixWpOi23hjdoJiS4XqLAiHpjcnMv4f-itW1KdWDy1N2CkurXE5qhzLPonWVu4ghIcW2Osp4N_DzEgJPSkywYCgl7gJrqTN1895Xvlp_iYBCqORmg4rH8dxgWeCxCxk70qiqGY0RXoaK0E88NEOXMYJgBh61r16Ve5kN5XO9jgIvSCDXp4Dgty-xLMsZt7EllL0oTdNIv59l-S_4NphY_KUT2ZsUPbsRi7_g0a0LI9cgI3-almctqPesNadlDyvdROUD3HnUTb2KGjn9bi-6WKyRxdtqjCCrWBLbVdAz-sZiaFPTPQ1mbMWtBl0yBbFb-I4OFRUAAyW3PPry7h5Is6dSa8j4JJNYPvpB6C-IQJwaX7vHMSLXeB7XwAC1f_dsPw-ZppZ7rbfAqOJgb2qsxWrcu768xlMTaEcG4-QPoq_jGmTVfXMyuwjINOF9ZBm9j73G9GLoHbqU61g
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2648967
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 9DE8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
img
imageproxy.us.criteo.net/img/ Frame 9DE8 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=244&m=0&partner=102266&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F102266%2F4793739%2F1371674528fd4403ab35a736b15beaac_logo_-_boston_brain_science.png&v=3&w=402&s=JLSd0kFSjKlj6wCAGqJ0Ittw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7e6ee90e5e70d01ed1d948c989a20b5382f94c6d01e12a4b1ecb5145b4ecdf3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
37472
expires
Tue, 30 Jul 2024 01:01:42 GMT
all
csm.us.criteo.net/ Frame 9DE8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=3tFun3GfkQx2PfVP8HFDsUnLvNdZfxcz4Z8aS2zTZb7h7O3WNMEygrFANqsFlvIdNvBWK-NcKK9Lv7f6MuYIlBXxGXfY3fZAQka4hfPG5dJl54pVGwkxrgdNc3c3XJxyo0LiH0P7VTcG4VwGoi3aFnvG9QvTymcy4v24Ua2hoidF9W5KFgjUVWVx6vuGWzuNccNPCktUQdAb_jJEN7XArgMYYF8knNOavBl6WX9GLTLVUXQJIQ2J5lZu92KvOVCLbKq9BA&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Aug 2023 19:16:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9DE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9DE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Aug 2024 19:16:16 GMT
cksync
cs.media.net/ Frame 4277
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzM1OTA2MTc2MTUyMzU2MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJ9-7_36ZW5YSGl9OV4JWoU&google_cver=1
53 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJ9-7_36ZW5YSGl9OV4JWoU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUB35KNQ&prvid=462%2C99%2C77%2C20000%2C313%2C359%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 24 Aug 2023 19:16:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJ9-7_36ZW5YSGl9OV4JWoU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4277
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=079cca8f-ca21-4704-bff9-5f4dc7ad43d9&type=loop&gdpr_consent=null&gdpr=0
53 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=079cca8f-ca21-4704-bff9-5f4dc7ad43d9&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUB35KNQ&prvid=462%2C99%2C77%2C20000%2C313%2C359%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 24 Aug 2023 19:16:17 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 24 Aug 2023 19:16:17 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=079cca8f-ca21-4704-bff9-5f4dc7ad43d9&type=loop&gdpr_consent=null&gdpr=0
date
Thu, 24 Aug 2023 19:16:17 GMT
server
_
content-length
0
i.match
s.tribalfusion.com/z/ Frame FBE2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ_bOWOlWVFRadTY_DaxH-E&google_cver=1&google_push=AXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QAR...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_bOWOlWVFRadTY_DaxH-E&google_cver=1&google_push=AXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8Q...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_bOWOlWVFRadTY_DaxH-E&google_cver=1&google_push=AXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fbdedc73db221c1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
652
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_bOWOlWVFRadTY_DaxH-E&google_cver=1&google_push=AXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJg4F1PsAqBubcS9TKo1piWAZ4VVQMVxbDEIQWvXPjP3f9hrPMMl18XO6ix38g3rOhbrGYo-kTf_DvSsrXynt08jHAX8QARAw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fbdedc67cb421c1-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FBE2
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEEOPxWeXJNoWndJTYcVx1HE&google_cver=1&google_push=AXcoOmSI4IekZdARE-pflGZyeFn1mQZTzkpAgldNyhFGpxNzVle__co_M498Tr3cMX3Ly-p5gw0fObl4PvLizmq7UtbdeewMgZuh5g
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSI4IekZdARE-pflGZyeFn1mQZTzkpAgldNyhFGpxNzVle__co_M498Tr3cMX3Ly-p5gw0fObl4PvLizmq7UtbdeewMgZuh5g&google_hm=UjM1Q0E1XzEwN0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSI4IekZdARE-pflGZyeFn1mQZTzkpAgldNyhFGpxNzVle__co_M498Tr3cMX3Ly-p5gw0fObl4PvLizmq7UtbdeewMgZuh5g&google_hm=UjM1Q0E1XzEwN0VEMDI2NF8zODQzNDc2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSI4IekZdARE-pflGZyeFn1mQZTzkpAgldNyhFGpxNzVle__co_M498Tr3cMX3Ly-p5gw0fObl4PvLizmq7UtbdeewMgZuh5g&google_hm=UjM1Q0E1XzEwN0VEMDI2NF8zODQzNDc2Ng%3D%3D
Date
Thu, 24 Aug 2023 19:16:16 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-375909377; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
348
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame FBE2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOhLwxqJh3CnS0Yt9uT_lNA&google_cver=1&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpE...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOhLwxqJh3CnS0Yt9uT_lNA&google_cver=1&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1h...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=021b4fa1-a022-44f4-883a-c6c6648ac39a&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpEDtXV-2QOBYA&google_hm=WyPkL3N9TIedckJcQkQx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpEDtXV-2QOBYA&google_hm=WyPkL3N9TIedckJcQkQxwA==
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtV0QrYS354tszyvByEh0k19WdTDMDE-hH81ycf11o5IlVKVNnb47_U1Ml1ruhOsCaB30bfzXIx2AJ1hM3TwpEDtXV-2QOBYA&google_hm=WyPkL3N9TIedckJcQkQxwA==
Date
Thu, 24 Aug 2023 19:16:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame FBE2 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEPqBVzARMgE22jB5ZE3G1tY&google_cver=1&google_push=AXcoOmQy95I4cVz1PMA2qidKHSXn-xpGtu-AaXUogp3m9SsdOK6Myi1d03Zzh40Kj81kb3lFy6ndsEbpQtbYrGcXwFtgSV7l1gmlZV0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 19:16:17 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
usersync.aspx
dis.criteo.com/dis/ Frame FBE2 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTGKruryAfDgjdQuMC3IEasLyPoN79UzXrMXtuyjiZaAijpLkUTRZ0WLC50X2J970L5xynSmmom7v5a1gvPqy4SXZ-7DODOXj8&google_gid=CAESEG6kdl0-7vJ-hxMW6_VLa0s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
368381
expires
Thu, 24 Aug 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FBE2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKEeQ-WqcuMFczL2QYjnLQI&google_cver=1&google_push=AXcoOmSLkRtMSdqgFA8Pcil70yrPFWwlI-irEVwEhxcC9RJ9QA7Djd0eZCgZM4fvVfBiZuXlrL5phqMlDSHTxA8...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmSLkRtMSdqgFA8Pcil70yrPFWwlI-irEVwEhxcC9RJ9QA7Djd0eZCgZM4fvVfBiZuXlrL5phqMlDSHTxA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmSLkRtMSdqgFA8Pcil70yrPFWwlI-irEVwEhxcC9RJ9QA7Djd0eZCgZM4fvVfBiZuXlrL5phqMlDSHTxA8z481mTTkoHGykPNY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NdFSG_awX7d9lWW1RwkgoSaEdkM&google_push=AXcoOmSLkRtMSdqgFA8Pcil70yrPFWwlI-irEVwEhxcC9RJ9QA7Djd0eZCgZM4fvVfBiZuXlrL5phqMlDSHTxA8z481mTTkoHGykPNY
Date
Thu, 24 Aug 2023 19:16:16 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame FBE2
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKL_GqTqwx3s0Y_EfLoZ4yk&google_cver=1&google_push=AXcoOmQPpBnSCMQKO2OmwOHtlw6Pt-EKk2TDpepZdMqpGF0MzPcejpPn2...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQPpBnSCMQKO2OmwOHtlw6Pt-EKk2TDpepZdMqpGF0MzPcejpPn2panRznIPOySo-V8YBwPxYWzQri8RGDzSzdK3mZSty6GgA6F&google_hm=QlMuYWIwYS02MG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQPpBnSCMQKO2OmwOHtlw6Pt-EKk2TDpepZdMqpGF0MzPcejpPn2panRznIPOySo-V8YBwPxYWzQri8RGDzSzdK3mZSty6GgA6F&google_hm=QlMuYWIwYS02MGRlLTRjNzQtOWYzNw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQPpBnSCMQKO2OmwOHtlw6Pt-EKk2TDpepZdMqpGF0MzPcejpPn2panRznIPOySo-V8YBwPxYWzQri8RGDzSzdK3mZSty6GgA6F&google_hm=QlMuYWIwYS02MGRlLTRjNzQtOWYzNw==
Date
Thu, 24 Aug 2023 19:16:17 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame FBE2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Krrp4YrXSs_Lhzwm6B-Yx3R8HGryY3L9OKwL5EyTnWGNHGvQmGpDiIBywcSuhFnT9PIGs8jg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bql.php
akl-navvy.media.net/ Frame 974D 		15 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://akl-navvy.media.net/bql.php?vgd_len=7766&&vgd_canary=0&vgd_l2type=scs_newfl&fp=3ekD0oCdsiXX8QYfcVw1TCcuHWJCJZYwivvXAHujblpN1HdYMZOXFNXEelPUVRuGHO4BAwKh0C99P-PadrEwIqtyCrsyCO-JfK78Zt1JlgcJr-SzWYy0tzAWRQUjjPqCELqH_25dLdoxQ3pEUE0VGA%3D%3D&cme=QMoBjJIXESddCw4ckYBQU9UlhhLqpEVqyM_qlMngna83-BJbvVA-B5Ka2SIBD8ooOpfEyyRoDtl7I4A3KGq9AJsh7MCUJj0s1h3Q4042ojkUcaG790LMQWSgDHKO6Hi8b6oLeKhyswTqOD4RUevIJQCmzjLiLxRwgMdB3qmRgOTcfyLEvE03KOWS6yTbvFFbG-ARsmmYpDsD8ZXs38Q4dbm46gpFxTc4SR9q06LyU2enEegJohd-olSmIxWmlQeOuCoNGJ0evw9fDYndtGrax58zajzCwBwb7W6hnM78F6gcFeDRWhqH-m8MEQjGhBbTlY6s9U7UzNT9V-jjfWr2_Q%3D%3D%7C%7CT714T4T1vOp1E-H766UiEi5DXcQy5i9uE4RwKI8IY_N0B8BqJr1mQhfk_mSz82qZKty7FcR7BbO82YALVlYRRbgC1ImdfHzNmklER9QyjxYtWgxxbajW-yS1FMkk1nRnULF3q443d0OcmdZ-fy05aTFCrsKqml8Pt67XN5GDPUH59zGMgwiT15r5d7lt_uNv4wVwro0OM_D86AoifrRPXZs08XYnDVt0d758EpHv-0fUno2VYJEJFHQBnMYF4v-xkIOgAZyBR7kWE6-gyCXtzd9nOtHoMJcu%7Cu8A6SM53vAc88tkTweBctUNP9BVFiVwB%7CYWgpX-5PZ_0ljBYcULLdDuSZDZcfMrOE%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7NsYqeOdydfnAIVtTlYKEAbyRLYt9F2yT1Z6NjgVIoeuVmZJKbuPkh2kmCpyazwo3ZLWJ8Rz1bxsGd5H5d6IoO%7C&subBdr=196&bdrid=294&ksu=355&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Global+PEO+Service+Providers&kwt[]=391&kbc[]=1262942061&kwp[]=1&kid[]=352262035&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1597%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0003%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.3145%7C14%3D082414%7C15%3D0%7Cr%3D1%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=4503874522251520&kwd[]=Buy+Tickets+Online&kwt[]=391&kbc[]=1262905965&kwp[]=2&kid[]=4671869&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.6828%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0007%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D127712%7C27%3D4921%7C13%3D0.1347%7C14%3D082414%7C15%3D0%7Cr%3D2%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=4503874539028736&kwd[]=7%25+Interest+Bank+Savings+Account&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=351038714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2189%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0003%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D99644%7C27%3D1591%7C13%3D0.2566%7C14%3D082414%7C15%3D0%7Cr%3D3%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=274894881024&kwd[]=10+Best+PEO+Services&kwt[]=391&kbc[]=1262942061&kwp[]=4&kid[]=352262032&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1271%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0004%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.2004%7C14%3D082414%7C15%3D0%7Cr%3D4%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=4503874522251520&kwd[]=Free+Dental+Implants+for+Seniors&kwt[]=391&kbc[]=1262905965&kwp[]=5&kid[]=329795848&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2655%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0004%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D40841%7C27%3D491%7C13%3D0.1806%7C14%3D082414%7C15%3D0%7Cr%3D5%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=4503874522251520&kwd[]=Upcoming+2023+Concert+Tickets&kwt[]=391&kbc[]=1262905965&kwp[]=6&kid[]=351221944&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.5380%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0007%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D63909%7C27%3D1583%7C13%3D0.0951%7C14%3D082414%7C15%3D0%7Cr%3D6%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=274894881024&kwd[]=10+Best+Toilet+Bowl+Cleaners&kwt[]=391&kbc[]=1262905965&kwp[]=7&kid[]=351074170&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1974%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0003%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D432%7C27%3D16%7C13%3D0.2193%7C14%3D082414%7C15%3D0%7Cr%3D7%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=274894881024&kwd[]=Master+Bathroom+Remodel&kwt[]=391&kbc[]=1262905965&kwp[]=8&kid[]=18653751&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.3225%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0004%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D112410%7C27%3D695%7C13%3D0.1743%7C14%3D082414%7C15%3D0%7Cr%3D8%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=4503874539028736&kwd[]=Make+an+Appointment+for+a+Passport&kwt[]=391&kbc[]=1262905965&kwp[]=9&kid[]=351066980&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.7030%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0005%7C8%3D082405%7C9%3D0%7C11%3D0%7C26%3D568%7C27%3D4%7C13%3D0.1273%7C14%3D082414%7C15%3D0%7Cr%3D9%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.564&ktd[]=4503874522251520&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774786&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%2271YE1%22%2C%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22sT%22%7D&cid=8CU5RJ1PV&vi=1692904576157566655&vsid=3359061761523562&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1000&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L235-S235&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUB35KNQ&vgd_hb_audit_2=554689678&vgd_katid=808058480&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Cctr%3D0.25%7C%7Crpc%3D0%7C%7Cttd%3D8&vgd_kalog=SID%3D8%7C%7CHID%3D0%7C%7CMPTD%3D640%7C%7CSI%3D3310%7C%7CTPTD%3D150457597801156056580%7C%7CMI%3D3312%7C%7CTLID%3D6%7C%7CUUID%3D2IakVHiL5VZdTDhpXC%7C%7CCI%3D3312&vgd_pdtid=1&vgd_nrrv=13350&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1692904576242&upk=1692904576.18035&hvsid=00001692904576242006462152351422&verid=3111299&sbdrId=196&tsrc=autotemplate&kafm_ull_cache=00&vgd_l1rakh=1692904576179831431&vgd_ecrid=8032948058480&vgd_isiolc=1&kbbq=%26asn%3D9009&vgd_mcf=70160&vgd_vstrid=3359061761523562&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fh~eBMJ-Nv9.iu~e8QMQOvXhi~xLjMLEQMGvW.9h~OmYMGv9.iW~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9WfH9F~8xLjMGvhuH.FH~xLjM7UNv9~xLjMLf1MGv9~Q7OvuAuH9i99AH~c0v.*eJL8.*~L17v9.999%2C9~j1Q7v~Nemyvf.9f~e8QMxLjMGv9.XH~ejfLM8MQOvf9fA9WfH9A~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vAX%2CAX~J7vuF~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9u~LEQMQOvf9fA9WfHuf~e8QMGvhih.XA~L1Oev9.999%2C9~xLjMGvu.H~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevfW.FX~yN17vou~GGvuiF~eev9~NejfLMQOvXWf~LkevHf.Wf~jfLMGvu999~JLEYv9.fh~ejfLMxLjMUNv949~GYvu~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvX.ui%2CWh.uX~Q8OvFffhXuHXX~QOvu~x8OvfV1ZE7L7jJ6aqieqey~xLjMLEQMUNv9~NejfLMGvf.9f~G7OvA9WWHFFFHuiWAAuFWu9FXWuAA9huWf99FAuFXHWfAFu9HiA99fhHfHXhuuh99AfhWH9hFfXAiAHHffAXfuF9hXXfiXh9iHhFFWAhhF9~eBxv9.iu~OfEMjvu9~Nejfvf.9f~AENkviiW.XH~x8Yv9~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWh.uX~xLjMQLEQMGvW.9h~LNevHf.Wf~%3DVvfiWi~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~c0fv.*eJL8.*~N7v71YE1~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fh~ONvW~xLjMLEQMLev9~ejfLMGvA.Wi~NGOEv9.uXu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvuAuH9i99AH~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iu~EmQvu~1NM75EJvu~1OGjUvuAuH9i99AH~1YEvu~myG8Ov9.fh9~GkjLv9.9u9~Qx8Ov%3DK4b40REoiuAeqAP0%2FGsEgkoHJm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv9.uH~-8OvKrtoExGoh99FffX99uAi9h9h~w7Yjvu~ONx7vHX~OmyGv9ou~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfXu&vgd_bhv_kbb=1&vgd_cfud=220919&vgd_scsver=171&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgd_l1cdv=1059&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001692904576242006462152351422&rc=0&rand=1692904576768&acid=0b79412cb88f4d26aedbb50013559fd9&matm=1692904576768&vgd_ltimesrc=1&vgd_ltime=1011&vgd_rtime=984&vgd_etm=20&vgd_l1hcsd=Og4dd%7C5614&vgd_l1ch=1&vgd_lhl=1120&vgd_pgid=p01678499023t202308241916&vgd_csip=rtb-appnexus-6d4778956-xlcj8.SC&vgd_sbSup=0&vgd_nrrs=13350&vgd_cdv=1058&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2832&&kkdd=A*%7Ch%7CH*39nAu&.d=aJuYuT7gEJagEgJJJgg&xU-f=T&V_-v=T&*U.=aTgu&X_*L=BY5g&*dU=imjgl~akI&*-*U=y5Lu(W0QCaP2jexQ!DUydK%3D%3D&*fdU=JYYEga7gg&_dCL=aJTQJTT&**=jc&_*=rB&*y2V=t3lsF0o&-dU=ikF~70YiA&X-dU=PsrgAaP&yXX-_=a&fff=XClOyB*GOBuRpYphn2.*iDJ*xL_Vbbj86o~OCyOr~GOgdfUEnLvqLF(d.IGjUX9V2Uob-Xp-.n7PQC(T5x4DyK%3D%3D&2_L=g&GK=a&6xU=7&vUXa=imjn5gh0e&vUXY=gg7JiuJEi&(UvXv=_UY%3D26GGZd6fGRG%3DaTZpxLf-V%3DTwYEZ.KRLQ*%3DTwuaZ.d_R_U%3DgEuZ6fGRf-_R(%3DiwTEZUpVR(%3DTwuiZU*Y%3DaZ_*U%3DDGZfvL%3DT%2CTZ.Rv_2%3DuTTuZUpVRG%3DYTZ.GYfR_U%3DYTY5TiY7TJZd6fGR(%3DEa7wJ7Z6fGRX)*%3DTZ6fGRfYvR(%3DTZ_XU%3Da5a7TuTT57Zsk%3Dw1.Lfdw1ZfvX%3DTwTTT%2CTZGv_X%3DZ*.px%3DYwTYZ.d_R6fGR(%3DTwg7Z.GYfRdR_U%3DYTY5TiY7T5Zd-%3DopUt)-D2uW)dDv7koV_9sZD((%3DTZ.d_R6fGRG%3DTZfdd-6v%3D5g%2C5gZLX%3DaJZf*%3DaZfd_6dU%3DT%2CTZ.GYfRdR(%3DTwTaZf-_R_U%3DYTY5TiY7aYZ.d_R(%3DEuEwg5ZfvU.%3DTwTTT%2CTZ6fGR(%3Daw7Z.GYfR6fGR(%3DTZ.GYfR6fGR.d%3Da9OaJZ6fGRX.d%3DTZ6fGRG%3DaTZ_G.%3DYiwJgZx*vX%3DOaZ((%3DauJZ..%3DTZ*.GYfR_U%3DgiYZfD.%3D7YwiYZGYfR(%3DaTTTZLf-V%3DTwYEZ.GYfR6fGR)*%3DT9TZ(V%3DaZf)L%3DT%2CTZfvU-%3DTwTTT%2CTZv5-R(%3Dgwau%2CiEwagZ_dU%3DJYYEga7ggZ_U%3DaZ6dU%3DYNvA-XfXGL~Ftu.t.xZ6fGRf-_R)*%3DTZ*.GYfR(%3DYwTYZ(XU%3D5Tii7JJJ7aui55aJiaTJgia55TEaiYTTJ5aJg7iY5JaT7u5TTYE7Y7gEaaETT5YEi7TEJYg5u577YY5gYaJTEggYugETu7EJJi5EEJTZ.K6%3DTwuaZUY-RG%3DaTZ*.GY%3DYwTYZ5-*D%3Duuiwg7Z6dV%3DTZf)X%3DTwTTT%2CTZUVVR_Xfx%3DyvfVp2WZUY-R(%3DaZpxUY-R(%3DTwuiZ__%3D03Z**%3DjcZ6dK%3DOaZ*L%3DTZf-_R(%3DiEwagZ6fGR_f-_R(%3DiwTEZf*.%3D7YwiYZmN%3DYuiuZf)K-%3DTwTTT%2CTZ)(R6*%3DOYZ2X_%3DYZ)(R**)_%3DOYZskY%3Dw1.Lfdw1Z*X%3DXvV-vZ(__RhP8%3D03%2C03Zf)KU%3DTwTTT%2CTZ(v_d_Y%3DauJZ(v_d_a%3DauJZd_lLD%3DTZkr%3DTZd_dD%3DTZ6fGRf-*R(%3DTZ(dU%3DTwYEZU*%3DiZ6fGRf-_Rf.%3DTZ.GYfR(%3D5wiuZ*(U-%3DTwagaZ_U%3DaZdXW-LRdU%3DaEZ_LGGLfRXvxRdU%3Da5a7TuTT57Z_6--GWRXvxRdU%3DZULXL*XLURXvxRdU%3DZ.dLKv(dGdXW%3DTwuaZ-p_%3DaZv*RXW-L%3DaZvU(G)%3Da5a7TuTT57ZvV-%3DaZpx(dU%3DTwYETZ(DGf%3DTwTaTZ_6dU%3Dm39c9kn-Oua5.t5jkI(r-eDO7LpZUX*%3DLv_XR_*ZUVVRLf-V%3DDvG_LZUVV%3DyvfVp2WZ(U-*v-U%3DTZUvGx%3DULDv6GXZ_p(-%3DTwa7ZQdU%3D3q!O-6(OETTJYYgTTa5uTETEZyXVG%3DaZU*6X%3D7gZUpx(%3DTOaZd(*%3DaZ2_C%3DYZXx_%3DaYTQJTT%7CaJTQJTTZ(_(%3DTZ(_-%3DTZXVQ%3DYga&2X.=T&VVV=6!p_0DNq49)%3D&dK=T&d2NDf=a&(UfNU=Yu7&(dU=55Euug&V*D=ETaJT&WU_-f=a&(vL=n7vxvLCnQ0&)vX-fL=a&)v_X_=X_XW-L%3DOaT7Ti%7C%7Cx(dU%3DOa&)vX(dU=OYa&)vXdU=iTiTgi7iT&)v-*=E&)vG_=XXW-L%3DaTTau%7C%7C-X%3Da%7C%7CGVdU%3D2v%7C%7C*Xf%3DTwYg%7C%7Cf-*%3DT%7C%7CXXU%3Di&)vXv=vXp2&)vGpx=cNq%3Di%7C%7CtNq%3DT%7C%7CskPq%3DJ7T%7C%7CcN%3D55aT%7C%7CPkPq%3DagT7gEguEiTaagJTgJgiT%7C%7CsN%3D55aY%7C%7CPBNq%3DJ%7C%7CjjNq%3DYNv)ItdBgIbUPqy-!m%7C%7CmN%3D55aY&d_dU=Y&-xdU=-TaJEi7uuTY5XYTY5TiY7auaJ&__GU=%7B%22__d-%22%3A%22YTTa%3ATggT%3AaUTg%3ATTTT%3ATTTT%3ATTTT%3ATTTT%3ATTTT%22%2C%22__**%22%3A%22jc%22%2C%22___*%22%3A%22rB%22%2C%22__*XW%22%3A%22XvV-v%22%7D&yXVG_f*=a&ure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
via
1.1 google
strict-transport-security
max-age=63072000
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Thu, 24 Aug 2023 08:44:45 GMT
generate_204
tpc.googlesyndication.com/ Frame BAEF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q15l2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 5A53 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_HYIfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE5gFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQPnec4rdoaaVhqAuZaxzuaTwh99h4jXdljnOCeZmWHxq8VBHdQBIAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MDA2MjI1MDAxMzkwNzA3GAA&sigh=3t7KmicfUv4&uach_m=[UACH]&cid=CAQSKQBpAlJWAyQky98oSRpei8-TnuxGRbVTx9eM84vLv3gwTMiNaSx02JdYGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 24 Aug 2023 19:16:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 5A53 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kPrAF836RO0HfOIinRcCAAAATPyl6fXAbUsQfqznZI4qz5iRP0vqQ8AAABIAAAoKQVFVQkNnRUJDZw&wp=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:17 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
159510
server
Kestrel
content-length
0
truncated
/ Frame 345D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b32d11f901337dd1d10da37450eaa8f27a04046b0acee42a0133009395b1da25

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 345D 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGQUHfqznZNXjLeP6xtYPkZ2asAO-ioKIcufmgvyhDsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTcwMDYyMjUwMDEzOTA3MDfIAQmoAwHIAwKqBOMBT9ClIrQ5HJbyqsr2ahuQOPUcWdopbQada0K-vgALLDSndAouNfFYHmAANwyDm5XYPysdauQH3zUqk7j3yyXpjToNFLH6Pk2gLoXB8Cl9hIC4LRf6eiPoaX-p2GKhWxCRXc1ongO8OpjApn5iwINDVZBq7Uho8cCGW3QXmnRkGqVkoVfYSUzyY9x-73O7wHUDMbTTnOlh_-fykFUItVgjKnnigiF6Jbt0Ety5cPsca-CguBIOtacEatRDIism6LmwqE-FsudXb3eDqBcOsVBiFp5T0JiXVydjtZNFaT5RECW5ln-ABre1pteX1IqSSqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzAwNjIyNTAwMTM5MDcwNxgA&sigh=N_z55EAUgD8&uach_m=[UACH]&cid=CAQSKQBpAlJWAyQky98oSRpei8-TnuxGRbVTx9eM84vLv3gwTMiNaSx02JdYGAE&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 24 Aug 2023 19:16:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 345D 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwaELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjI1MDMzMDA1MzQ2ODQ4XzM0NjkzNTY3MF81NTQ2ODk2NzgyMjk0MUAwYjc5NDEyY2I4OGY0ZDI2YWVkYmI1MDAxMzU1OWZkOcwESOF6FK5H0T-cB3JodHRwczovL2lyYWlkZXNvdXNhLmNvbS5ici9sb2dzL1dlbGxzdjIvVXBkYXRlL3ZlcmlmeS5waHAEVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNiRpcmFpZGVzb3VzYS5jb20uYnISOENVQjM1S05RCA4xNjB4NjAwCjAuMTUxDmVhc3Rfc2MGQURYCAhudXJsAAAAAAAAwFZA-r7Oj8ViAjEAAAAAAADwvz5ydGItYXBwbmV4dXMtNmQ0Nzc4OTU2LXhsY2o4LlNDGjgwMzI5NDgwNTg0ODACEDUzNDIwMTUyAmQC&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 24 Aug 2023 19:16:17 GMT
log
qsearch-a.akamaihd.net/ Frame 345D 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=0b79412cb88f4d26aedbb50013559fd9&algo=default&bdp=0.2700&bidfp=0.0100&capd=0&cc=US&cid=8CUB35KNQ&crid=554689678&ct=tampa&dc=east_sc&dfpbd=0.1512&dn=iraidesousa.com.br&iwb=1&ogcbdp=0.2700&other_bids=0.14%7C0.27&other_prv=462%7C294&pbshr=100.0000&prdp=0.1512&requrl=iraidesousa.com.br%2Flogs%2Fwellsv2%2Fupdate%2Fverify.php%2F&sat=1&sc=FL&sc_pvid=294&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=3543480&ugd=4&ver=9.6.1&cliIP=0&time_stamp=2023-08-24%2019%3A16%3A14&seat=BID_API&itype=adx&req_id=cVgHPDfN-BgDtF5NN9D2ag&dfp_bucket=0.1&level_base=0&bdp_bucket=0.25&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F116.0.5845.110%20Safari%2F537.36&br_ver=116.0.5845.110&o_ver=NT%2010.0&second_bid=0.14&second_bidder=462&model_key=generic_adx_1-cid_1&ogerpm=0.2700&ogerpm_used=false&rawbid=0.2700&totalTimeBucket=3&as_cache=1&sub_bidder=196&current_day=4.0&current_hour=18&cut=44&floor_bucket=0.00&model_version=202308231137_generic_adx_1-cid_1&erpm_bucket=0.25&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.9100&pvid_seat=294_BID_API&ckfl=0&mnckfl=0&sd=1&predicted_wr=67.8062&bdp_wider_bucket=1&adblk=1314090034&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=45&advurl=search.yahoo.com%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=logs&url_l2=wellsv2&clisp=rtb-appnexus-6d4778956-xlcj8.SC&dmm_m1=2023-08-24%2019%3A16%3A14.911530173&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.2700&adtyp=0&gpid_sent=false&pst=EMS&bcrid=8032948058480&erpm_mult=1.000000&zone=d&rc=-1&sfm_key=mowx_17_294&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-6bc87c4bfb-hshjc&rel_cut_bkt=45&djvm=9.5.8&cbvp=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Aug 2023 19:16:17 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 24 Aug 2023 19:16:17 GMT
truncated
/ Frame 974D 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 974D 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 974D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a60290dcbc400e75afedd2983ac8df0b99c0e981220970c90f979bf6c6543dbb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 974D 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame 974D 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2832&&kkdd=A*%7Ch%7CH*39nAu&.d=aJuYuT7gEJagEgJJJgg&xU-f=T&V_-v=T&*U.=aTgu&X_*L=BY5g&*dU=imjgl~akI&*-*U=y5Lu(W0QCaP2jexQ!DUydK%3D%3D&*fdU=JYYEga7gg&_dCL=aJTQJTT&**=jc&_*=rB&*y2V=t3lsF0o&-dU=ikF~70YiA&X-dU=PsrgAaP&yXX-_=a&fff=XClOyB*GOBuRpYphn2.*iDJ*xL_Vbbj86o~OCyOr~GOgdfUEnLvqLF(d.IGjUX9V2Uob-Xp-.n7PQC(T5x4DyK%3D%3D&2_L=g&GK=a&6xU=7&vUXa=imjn5gh0e&vUXY=gg7JiuJEi&(UvXv=_UY%3D26GGZd6fGRG%3DaTZpxLf-V%3DTwYEZ.KRLQ*%3DTwuaZ.d_R_U%3DgEuZ6fGRf-_R(%3DiwTEZUpVR(%3DTwuiZU*Y%3DaZ_*U%3DDGZfvL%3DT%2CTZ.Rv_2%3DuTTuZUpVRG%3DYTZ.GYfR_U%3DYTY5TiY7TJZd6fGR(%3DEa7wJ7Z6fGRX)*%3DTZ6fGRfYvR(%3DTZ_XU%3Da5a7TuTT57Zsk%3Dw1.Lfdw1ZfvX%3DTwTTT%2CTZGv_X%3DZ*.px%3DYwTYZ.d_R6fGR(%3DTwg7Z.GYfRdR_U%3DYTY5TiY7T5Zd-%3DopUt)-D2uW)dDv7koV_9sZD((%3DTZ.d_R6fGRG%3DTZfdd-6v%3D5g%2C5gZLX%3DaJZf*%3DaZfd_6dU%3DT%2CTZ.GYfRdR(%3DTwTaZf-_R_U%3DYTY5TiY7aYZ.d_R(%3DEuEwg5ZfvU.%3DTwTTT%2CTZ6fGR(%3Daw7Z.GYfR6fGR(%3DTZ.GYfR6fGR.d%3Da9OaJZ6fGRX.d%3DTZ6fGRG%3DaTZ_G.%3DYiwJgZx*vX%3DOaZ((%3DauJZ..%3DTZ*.GYfR_U%3DgiYZfD.%3D7YwiYZGYfR(%3DaTTTZLf-V%3DTwYEZ.GYfR6fGR)*%3DT9TZ(V%3DaZf)L%3DT%2CTZfvU-%3DTwTTT%2CTZv5-R(%3Dgwau%2CiEwagZ_dU%3DJYYEga7ggZ_U%3DaZ6dU%3DYNvA-XfXGL~Ftu.t.xZ6fGRf-_R)*%3DTZ*.GYfR(%3DYwTYZ(XU%3D5Tii7JJJ7aui55aJiaTJgia55TEaiYTTJ5aJg7iY5JaT7u5TTYE7Y7gEaaETT5YEi7TEJYg5u577YY5gYaJTEggYugETu7EJJi5EEJTZ.K6%3DTwuaZUY-RG%3DaTZ*.GY%3DYwTYZ5-*D%3Duuiwg7Z6dV%3DTZf)X%3DTwTTT%2CTZUVVR_Xfx%3DyvfVp2WZUY-R(%3DaZpxUY-R(%3DTwuiZ__%3D03Z**%3DjcZ6dK%3DOaZ*L%3DTZf-_R(%3DiEwagZ6fGR_f-_R(%3DiwTEZf*.%3D7YwiYZmN%3DYuiuZf)K-%3DTwTTT%2CTZ)(R6*%3DOYZ2X_%3DYZ)(R**)_%3DOYZskY%3Dw1.Lfdw1Z*X%3DXvV-vZ(__RhP8%3D03%2C03Zf)KU%3DTwTTT%2CTZ(v_d_Y%3DauJZ(v_d_a%3DauJZd_lLD%3DTZkr%3DTZd_dD%3DTZ6fGRf-*R(%3DTZ(dU%3DTwYEZU*%3DiZ6fGRf-_Rf.%3DTZ.GYfR(%3D5wiuZ*(U-%3DTwagaZ_U%3DaZdXW-LRdU%3DaEZ_LGGLfRXvxRdU%3Da5a7TuTT57Z_6--GWRXvxRdU%3DZULXL*XLURXvxRdU%3DZ.dLKv(dGdXW%3DTwuaZ-p_%3DaZv*RXW-L%3DaZvU(G)%3Da5a7TuTT57ZvV-%3DaZpx(dU%3DTwYETZ(DGf%3DTwTaTZ_6dU%3Dm39c9kn-Oua5.t5jkI(r-eDO7LpZUX*%3DLv_XR_*ZUVVRLf-V%3DDvG_LZUVV%3DyvfVp2WZ(U-*v-U%3DTZUvGx%3DULDv6GXZ_p(-%3DTwa7ZQdU%3D3q!O-6(OETTJYYgTTa5uTETEZyXVG%3DaZU*6X%3D7gZUpx(%3DTOaZd(*%3DaZ2_C%3DYZXx_%3DaYTQJTT%7CaJTQJTTZ(_(%3DTZ(_-%3DTZXVQ%3DYga&2X.=T&VVV=6!p_0DNq49)%3D&dK=T&d2NDf=a&(UfNU=Yu7&(dU=55Euug&V*D=ETaJT&WU_-f=a&(vL=n7vxvLCnQ0&)vX-fL=a&)v_X_=X_XW-L%3DOaT7Ti%7C%7Cx(dU%3DOa&)vX(dU=OYa&)vXdU=iTiTgi7iT&)v-*=E&)vG_=XXW-L%3DaTTau%7C%7C-X%3Da%7C%7CGVdU%3D2v%7C%7C*Xf%3DTwYg%7C%7Cf-*%3DT%7C%7CXXU%3Di&)vXv=vXp2&)vGpx=cNq%3Di%7C%7CtNq%3DT%7C%7CskPq%3DJ7T%7C%7CcN%3D55aT%7C%7CPkPq%3DagT7gEguEiTaagJTgJgiT%7C%7CsN%3D55aY%7C%7CPBNq%3DJ%7C%7CjjNq%3DYNv)ItdBgIbUPqy-!m%7C%7CmN%3D55aY&d_dU=Y&-xdU=-TaJEi7uuTY5XYTY5TiY7auaJ&__GU=%7B%22__d-%22%3A%22YTTa%3ATggT%3AaUTg%3ATTTT%3ATTTT%3ATTTT%3ATTTT%3ATTTT%22%2C%22__**%22%3A%22jc%22%2C%22___*%22%3A%22rB%22%2C%22__*XW%22%3A%22XvV-v%22%7D&yXVG_f*=a&ure=1
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:17 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25720
expires
Fri, 25 Aug 2023 19:16:17 GMT
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame 974D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2832&&kkdd=A*%7Ch%7CH*39nAu&.d=aJuYuT7gEJagEgJJJgg&xU-f=T&V_-v=T&*U.=aTgu&X_*L=BY5g&*dU=imjgl~akI&*-*U=y5Lu(W0QCaP2jexQ!DUydK%3D%3D&*fdU=JYYEga7gg&_dCL=aJTQJTT&**=jc&_*=rB&*y2V=t3lsF0o&-dU=ikF~70YiA&X-dU=PsrgAaP&yXX-_=a&fff=XClOyB*GOBuRpYphn2.*iDJ*xL_Vbbj86o~OCyOr~GOgdfUEnLvqLF(d.IGjUX9V2Uob-Xp-.n7PQC(T5x4DyK%3D%3D&2_L=g&GK=a&6xU=7&vUXa=imjn5gh0e&vUXY=gg7JiuJEi&(UvXv=_UY%3D26GGZd6fGRG%3DaTZpxLf-V%3DTwYEZ.KRLQ*%3DTwuaZ.d_R_U%3DgEuZ6fGRf-_R(%3DiwTEZUpVR(%3DTwuiZU*Y%3DaZ_*U%3DDGZfvL%3DT%2CTZ.Rv_2%3DuTTuZUpVRG%3DYTZ.GYfR_U%3DYTY5TiY7TJZd6fGR(%3DEa7wJ7Z6fGRX)*%3DTZ6fGRfYvR(%3DTZ_XU%3Da5a7TuTT57Zsk%3Dw1.Lfdw1ZfvX%3DTwTTT%2CTZGv_X%3DZ*.px%3DYwTYZ.d_R6fGR(%3DTwg7Z.GYfRdR_U%3DYTY5TiY7T5Zd-%3DopUt)-D2uW)dDv7koV_9sZD((%3DTZ.d_R6fGRG%3DTZfdd-6v%3D5g%2C5gZLX%3DaJZf*%3DaZfd_6dU%3DT%2CTZ.GYfRdR(%3DTwTaZf-_R_U%3DYTY5TiY7aYZ.d_R(%3DEuEwg5ZfvU.%3DTwTTT%2CTZ6fGR(%3Daw7Z.GYfR6fGR(%3DTZ.GYfR6fGR.d%3Da9OaJZ6fGRX.d%3DTZ6fGRG%3DaTZ_G.%3DYiwJgZx*vX%3DOaZ((%3DauJZ..%3DTZ*.GYfR_U%3DgiYZfD.%3D7YwiYZGYfR(%3DaTTTZLf-V%3DTwYEZ.GYfR6fGR)*%3DT9TZ(V%3DaZf)L%3DT%2CTZfvU-%3DTwTTT%2CTZv5-R(%3Dgwau%2CiEwagZ_dU%3DJYYEga7ggZ_U%3DaZ6dU%3DYNvA-XfXGL~Ftu.t.xZ6fGRf-_R)*%3DTZ*.GYfR(%3DYwTYZ(XU%3D5Tii7JJJ7aui55aJiaTJgia55TEaiYTTJ5aJg7iY5JaT7u5TTYE7Y7gEaaETT5YEi7TEJYg5u577YY5gYaJTEggYugETu7EJJi5EEJTZ.K6%3DTwuaZUY-RG%3DaTZ*.GY%3DYwTYZ5-*D%3Duuiwg7Z6dV%3DTZf)X%3DTwTTT%2CTZUVVR_Xfx%3DyvfVp2WZUY-R(%3DaZpxUY-R(%3DTwuiZ__%3D03Z**%3DjcZ6dK%3DOaZ*L%3DTZf-_R(%3DiEwagZ6fGR_f-_R(%3DiwTEZf*.%3D7YwiYZmN%3DYuiuZf)K-%3DTwTTT%2CTZ)(R6*%3DOYZ2X_%3DYZ)(R**)_%3DOYZskY%3Dw1.Lfdw1Z*X%3DXvV-vZ(__RhP8%3D03%2C03Zf)KU%3DTwTTT%2CTZ(v_d_Y%3DauJZ(v_d_a%3DauJZd_lLD%3DTZkr%3DTZd_dD%3DTZ6fGRf-*R(%3DTZ(dU%3DTwYEZU*%3DiZ6fGRf-_Rf.%3DTZ.GYfR(%3D5wiuZ*(U-%3DTwagaZ_U%3DaZdXW-LRdU%3DaEZ_LGGLfRXvxRdU%3Da5a7TuTT57Z_6--GWRXvxRdU%3DZULXL*XLURXvxRdU%3DZ.dLKv(dGdXW%3DTwuaZ-p_%3DaZv*RXW-L%3DaZvU(G)%3Da5a7TuTT57ZvV-%3DaZpx(dU%3DTwYETZ(DGf%3DTwTaTZ_6dU%3Dm39c9kn-Oua5.t5jkI(r-eDO7LpZUX*%3DLv_XR_*ZUVVRLf-V%3DDvG_LZUVV%3DyvfVp2WZ(U-*v-U%3DTZUvGx%3DULDv6GXZ_p(-%3DTwa7ZQdU%3D3q!O-6(OETTJYYgTTa5uTETEZyXVG%3DaZU*6X%3D7gZUpx(%3DTOaZd(*%3DaZ2_C%3DYZXx_%3DaYTQJTT%7CaJTQJTTZ(_(%3DTZ(_-%3DTZXVQ%3DYga&2X.=T&VVV=6!p_0DNq49)%3D&dK=T&d2NDf=a&(UfNU=Yu7&(dU=55Euug&V*D=ETaJT&WU_-f=a&(vL=n7vxvLCnQ0&)vX-fL=a&)v_X_=X_XW-L%3DOaT7Ti%7C%7Cx(dU%3DOa&)vX(dU=OYa&)vXdU=iTiTgi7iT&)v-*=E&)vG_=XXW-L%3DaTTau%7C%7C-X%3Da%7C%7CGVdU%3D2v%7C%7C*Xf%3DTwYg%7C%7Cf-*%3DT%7C%7CXXU%3Di&)vXv=vXp2&)vGpx=cNq%3Di%7C%7CtNq%3DT%7C%7CskPq%3DJ7T%7C%7CcN%3D55aT%7C%7CPkPq%3DagT7gEguEiTaagJTgJgiT%7C%7CsN%3D55aY%7C%7CPBNq%3DJ%7C%7CjjNq%3DYNv)ItdBgIbUPqy-!m%7C%7CmN%3D55aY&d_dU=Y&-xdU=-TaJEi7uuTY5XYTY5TiY7auaJ&__GU=%7B%22__d-%22%3A%22YTTa%3ATggT%3AaUTg%3ATTTT%3ATTTT%3ATTTT%3ATTTT%3ATTTT%22%2C%22__**%22%3A%22jc%22%2C%22___*%22%3A%22rB%22%2C%22__*XW%22%3A%22XvV-v%22%7D&yXVG_f*=a&ure=1
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:16:17 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
21704
expires
Fri, 25 Aug 2023 19:16:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A53 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSk1i8f8zGKlGT3CjPz2I1YcRmYLencYaOunA72tQ4KOZNCSHdcGv17aqVshBuzxK1XDOaMi0ohQFG0D-QRQxOMcKLZWzUXvJrLv4&sig=Cg0ArKJSzDItAi0_Qr3TEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=723,1000,1000,1000,1000&tos=723,277,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1314090031&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692904575457&rpt=998&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=3457457031583752&bg=!e3ileDfNAAYkVgHwBFY7ADQBe5WfODgLvSngmNmlN9GJt2AH-6-DTsdInJ6COAodS6IcYJ8_5KIAJqVYIDj1QsWTTQeRAgAAA5JSAAAADGgBB5kCs3QCB6_-YRtWYOcUTLc2PkogWzdZUbp2Wbe-SF1dC7Gr4Kp7f1Ip1498kaEF2Nf4ERUjrwTu1JXkWbemjbP33CE8BZv2fSxQoi3_9UN4xTsUGydeAmSaqTH_7ZlhiyESyL-4ofyDWZpyinyUrxyGWK78OXLX1DDor066bfgeQb3emlTxCckL5am5tbc3HoXRUpMfBP7_QiI8yfcNylNG2T7Tqkrz0ntRPSVV1P_nmoxh2fo5e3pohaUzsvndZ20Z1Ibc50UVwIZnNDURqXhcZTT6oaxr3wVwOLV--HaTOYsUqJM5KY5DrdTy5OTH2NwHRjzTjPOJGpDT02ttZydr38Fpt8f82bBS21zAz8l84httmWGLOMkGTO-OPm7VREnx__WTtfGuJEr2RssW0FJmfvB9xMBSPTocqrtPw9YxfxHjkBe75ZB_loZ5Ql_LKKMzTYbkVX5_P9iyTlRijo1BC9a3XqNq5VQks80jt1NjozvV4DNpVzyYjWjtIhjGbCpKUaX9BEIOZnvDLK8yERZzF31FxcNHrznprJu3C4lNge_dHRySIeZGKA5-1RbdH9OEQS8FwdP_ZfKwJze9UH2fyYTRZqI4IEXu2lg192V66dXX6go7W_f3hf4z_QI8sPA4aSH-pwsRuwitKYEfR2tBHnH_xddFEy8zfJEojIQSo5cWsEuso0oC0Yp_u_dSWwtPQEH-Mbi0djxUuEYl0BLs4hckfkeWMZRGmrnLafzTmkpFXcvxwqcBELHB6wA13uRdGlyKPJJP47xlhcNyNkTx2HQeB26yufLejIg3K7iM24Vlhb9J1qoCNeFjRfEMZQLUVz151zVJRnPgsiZ-tqJJMxiN_OhCYQ2GGHSGcLugZnjxYTgrGan4MK6W3UKo-Gcv-l-uJOngtIVaB7fjWRgxMgr4bM0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iraidesousa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
all
csm.us.criteo.net/ Frame 9DE8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=3tFun3GfkQx2PfVP8HFDsUnLvNdZfxcz4Z8aS2zTZb7h7O3WNMEygrFANqsFlvIdNvBWK-NcKK9Lv7f6MuYIlBXxGXfY3fZAQka4hfPG5dJl54pVGwkxrgdNc3c3XJxyo0LiH0P7VTcG4VwGoi3aFnvG9QvTymcy4v24Ua2hoidF9W5KFgjUVWVx6vuGWzuNccNPCktUQdAb_jJEN7XArgMYYF8knNOavBl6WX9GLTLVUXQJIQ2J5lZu92KvOVCLbKq9BA&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOesfgALcdYE0b1jAAaOkfiZbXHLgOCyRWnN7Q&u=%7CDUwFaF9B2YfRSNMt%2FmyITQCrLJApoXBInEyOaus0i%2BI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw824BHZdc-ZE1BYy6Co5_rQm5BXHtIz5S66DJIQFa_b46W9ZRqqnZG13EG0AXn1N-fkb7_G5e3HoWce09Js6Qs7_0r6cF90IeX5HMU96YNrNReKtNeWZyUsdg6e2XuW8uKRQOhHTAeKHGXm2VRYbFEjkK_YrQPk3sp34lHyeEvDQOfAWAd2ravZm9RZpHxS7QrmEqjWjzO8fx8M1Hqz4EnXS7GvfwuV93Tw5R0G4pSob6z5eNhimHdRb6OWyTyRTJC3plW4JIZOycxf77LEX-LHLz77XdrsMf3lHNVYp0inrmp6Erw88GQW8-DK6ZqZzgscwHZUkYTDgmvlxArUGgDbhqssD62UGOWDzwvOpeydZELnOjmIOioIfD4CmSu2MCzK8NDP7Vs-9kEVbksQdzgT-XvKxoEucyr8t5SLojZDWbZePuoAi_M-jOY98P_b6vYmiJY3aABKXp1KgQbdE6Mmq-20S1NT0QMGiltLVTZa-F7s0bG5kDS1WRg6rK6nwI1vFA09n_0n3CvnUgezTh8QwMiysXdBlWB7mImBqglR6PB8Z4MdGVgSNq8kIMJpIP5XvCKy0viyipfoEPU5L71J-myAb882ERE_4VyjeActw3m4mniKSwCzVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC46kfqznZNbjLeP6xtYPkZ2asAOcge-wXNqkqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzAwNjIyNTAwMTM5MDcwN8gBCagDAcgDAqoE6QFP0EIiS9QVx_QyWJht4w_K5ytyNAF-6GVHFBZIbsYrg5wtIpxzeaUBMn_AnkzcsVG5hQ0JxopA6QmMdneuURZZe10_vjSYmoPjbbzkfsHdECQSvQV9lPH-ASVp1eSZ18bKKavngIrpGeHnkMvaWl0djnSzBOW6lBhCgTsYCuXQgFujxjxeBZgzP5BO2CVKYjwiGp-G0ez08Yx9ZVcKW-9VvLqyf_gz9J1d8eNqw2K0vFJM_aDfrfg4VJT9kYajtQQP3-UYP3Ho4Fipi4vWLEETjL9B3hcNRR34b5oXr9uZ6re80uZQxwibIoAG_sGh2NyD3508oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30J-szFxU1w_8KyERk-zUkQn25jQ%26client%3Dca-pub-7006225001390707%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Aug 2023 19:16:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
bqi.php
lg3.media.net/ Frame 345D 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2458&lf=3&&vgd_hb_audit_1=8CUB35KNQ&vgd_hb_audit_2=554689678&vgd_tsce=L235&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=337995&vgd_cdv=1059&vgd_cage=0&vgd_rensize=160_600&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fh~eBMJ-Nv9.iu~e8QMQOvXhi~xLjMLEQMGvW.9h~OmYMGv9.iW~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9WfH9F~8xLjMGvhuH.FH~xLjM7UNv9~xLjMLf1MGv9~Q7OvuAuH9i99AH~c0v.*eJL8.*~L17v9.999%2C9~j1Q7v~Nemyvf.9f~e8QMxLjMGv9.XH~ejfLM8MQOvf9fA9WfH9A~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vAX%2CAX~J7vuF~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9u~LEQMQOvf9fA9WfHuf~e8QMGvhih.XA~L1Oev9.999%2C9~xLjMGvu.H~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevfW.FX~yN17vou~GGvuiF~eev9~NejfLMQOvXWf~LkevHf.Wf~jfLMGvu999~JLEYv9.fh~ejfLMxLjMUNv949~GYvu~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvX.ui%2CWh.uX~Q8OvFffhXuHXX~QOvu~x8OvfV1ZE7L7jJ6aqieqey~xLjMLEQMUNv9~NejfLMGvf.9f~G7OvA9WWHFFFHuiWAAuFWu9FXWuAA9huWf99FAuFXHWfAFu9HiA99fhHfHXhuuh99AfhWH9hFfXAiAHHffAXfuF9hXXfiXh9iHhFFWAhhF9~eBxv9.iu~OfEMjvu9~Nejfvf.9f~AENkviiW.XH~x8Yv9~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWh.uX~xLjMQLEQMGvW.9h~LNevHf.Wf~%3DVvfiWi~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~c0fv.*eJL8.*~N7v71YE1~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fh~ONvW~xLjMLEQMLev9~ejfLMGvA.Wi~NGOEv9.uXu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvuAuH9i99AH~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iu~EmQvu~1NM75EJvu~1OGjUvuAuH9i99AH~1YEvu~myG8Ov9.fh9~GkjLv9.9u9~Qx8Ov%3DK4b40REoiuAeqAP0%2FGsEgkoHJm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv9.uH~-8OvKrtoExGoh99FffX99uAi9h9h~w7Yjvu~ONx7vHX~OmyGv9ou~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfXu&vgd_lbt=1000&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=622751455&rrr=tzR-hLcl-L9_o2oKBnvc8f6cgesmZZUWuYJ-zh-FJl-5ird7BeaDeObivVlUdtEmndYZptopvB4Txzb03gqfhw%3D%3D&requrl=https%3A%2F%2Firaidesousa.com.br%2F&vi=1692904576157566655&ugd=4&cc=US&sc=FL&bdrid=294&subBdr=196&startTime=1692904576227&l1ch=1&l1hcsd=l1!Og4dd|5614&mmm=uXosNfIDqEk=&buid=337995&sttm=1692904576242&upk=1692904576.18035&hvsid=00001692904576242006462152351422&acid=0b79412cb88f4d26aedbb50013559fd9&verid=3111299&infr=1&twna=1&dma=528&stime=1692904575805&tsrc=autotemplate&kafm_ull_cache=00&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1692904576179831431&vgd_sc=FL&vgd_ecrid=8032948058480&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01678499023t202308241916&vgd_pgids=1&vgd_end=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 24 Aug 2023 19:16:18 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 24 Aug 2023 19:16:18 GMT
log
hblg.media.net/ Frame 345D 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAMGI3OTQxMmNiODhmNGQyNmFlZGJiNTAwMTM1NTlmZDmckv-QBMwEBFVTJGlyYWlkZXNvdXNhLmNvbS5ichI4Q1VCMzVLTlEADjE2MHg2MDAOZWFzdF9zYwQyMwZBRFgSOFBSMTEzSkdDDkJJRF9BUEkAAAIwPnJ0Yi1hcHBuZXh1cy02ZDQ3Nzg5NTYteGxjajguU0MaODAzMjk0ODA1ODQ4MAIwACIAEEVYQ0hBTkdFAgJk&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.172.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-172-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:18 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 24 Aug 2023 19:16:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 345D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-F8-9t41VRfFKw2FQ8Ld3xnMkhjWT2VP54f80KChercDQt3S-5fo8jM52NF_VNHtuR2IzuBoFHjAewvTaO2dcA0TFjs8xh0VOvyCf&sig=Cg0ArKJSzAOirt4TOao_EAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1314090034&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692904575778&rpt=817&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 19:16:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| $ function| jQuery function| Cookies object| pysOptions function| pys_generate_token function| getBundlePriceOnSingleProduct function| getPixelBySlag function| getUrlParameter object| pys function| gtag function| fbq function| _fbq object| dataLayer_content object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| prestoComponents object| prestoPlayer object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents object| advancedMatching number| timeoutDelay object| twemoji object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp object| GoogleGcLKhOms object| googletag object| google_image_requests

53 Cookies

Domain/Path Name / Value
iraidesousa.com.br/ Name: pbid
Value: d1127deab2293f9243b46d2114bb96c0960cea336c207605f49a5a5f325de27b
iraidesousa.com.br/ Name: pys_session_limit
Value: true
iraidesousa.com.br/ Name: pys_start_session
Value: true
iraidesousa.com.br/ Name: pys_first_visit
Value: true
iraidesousa.com.br/ Name: pysTrafficSource
Value: direct
iraidesousa.com.br/ Name: pys_landing_page
Value: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
iraidesousa.com.br/ Name: last_pysTrafficSource
Value: direct
iraidesousa.com.br/ Name: last_pys_landing_page
Value: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
iraidesousa.com.br/ Name: _fbp
Value: fb.1.1692904573870.3582662995
.iraidesousa.com.br/ Name: _gcl_au
Value: 1.1.763497265.1692904574
.iraidesousa.com.br/ Name: _ga_CNJKP478XS
Value: GS1.1.1692904574.1.0.1692904574.60.0.0
.iraidesousa.com.br/ Name: _ga_L981X73TSS
Value: GS1.1.1692904574.1.0.1692904574.60.0.0
.iraidesousa.com.br/ Name: _ga
Value: GA1.3.217701084.1692904575
.iraidesousa.com.br/ Name: _gid
Value: GA1.3.1017767096.1692904575
.iraidesousa.com.br/ Name: _gat_gtag_UA_249563276_1
Value: 1
.iraidesousa.com.br/ Name: __gads
Value: ID=4066e6116228f9db-2204d39ab3e3001b:T=1692904574:RT=1692904574:S=ALNI_MZaALa8DK7WwosfGJip7tuQrFEm9A
.iraidesousa.com.br/ Name: __gpi
Value: UID=00000d8d8eed6f32:T=1692904574:RT=1692904574:S=ALNI_MYw554uAcVbBlpIFfIyohbd3TxaHQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnHOEBgLWsgBOTIy45p1beRIoV7UwtapfmBFb-_1vLdrND5eqgct1FRRIHNhFg
.turn.com/ Name: uid
Value: 3092868505512734496
.acuityplatform.com/ Name: auid
Value: 818280282682
.linkedin.com/ Name: bcookie
Value: "v=2&b70a6412-5c8b-4fa8-84a1-befc396b3c0d"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2998:u=1:x=1:i=1692904576:t=1692990976:v=2:sig=AQFaxbBQPEOyTahtnDSGMmH-Gh7g0JOh"
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 67750caf-9931-41a3-b9e5-4bdbc6a84b35
beacon.lynx.cognitivlabs.com/ Name: ss
Value: MMe5MYbU3Q0FxTSQ7NXgTQ9FcfWqRAM93bRMRZgQS8unkK9sx0NcZbq7JnRgqBgNmUqJ%2F0qZ6792o9DgDuzSjA%3D%3D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-35d1521b-f6b0-5fb7-7d95-65b5470920a1.HIRTD9gMs93M9a28vDFs9mEEgDOE7%2FR8YC0gtMHQy7U
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-35d1521b-f6b0-5fb7-7d95-65b5470920a1.HIRTD9gMs93M9a28vDFs9mEEgDOE7%2FR8YC0gtMHQy7U
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANdFSG_awX7d9lWW1RwkgoSaEdkM.yHf4PAncx22XeHFj7ki2eihMdqit4jSA3UDJckjpRRw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANdFSG_awX7d9lWW1RwkgoSaEdkM.yHf4PAncx22XeHFj7ki2eihMdqit4jSA3UDJckjpRRw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAglnDqoqNSVMcOT8pUWkn8WcZZEjkHedCR__vb3PH7QEHwYBCCA2Z6nBjABOgT88vAPQgTJzJvh.fQ8Oa2sfnUlj7KjXCfi%2FoNFHMGCFOeRWLH2v4A4FM1s
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAglnDqoqNSVMcOT8pUWkn8WcZZEjkHedCR__vb3PH7QEHwYBCCA2Z6nBjABOgT88vAPQgTJzJvh.fQ8Oa2sfnUlj7KjXCfi%2FoNFHMGCFOeRWLH2v4A4FM1s
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRQofHSSWmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUKHx0klo90aGlyZFBhcnR5VXNlcklkWkNBRVNFUF9pd1g1TGVjTVp3NlRzQWpVaEhFY/v7hnZlcnNpb27C+w=="
.dotomi.com/ Name: DotomiTest
Value: 3f0a39b02b7e1a17
fksnk.com/ Name: AWSALBCORS
Value: ok6Aa7E59zJrcqGRcORBxlGc9VL+tRod2pkd/iLOQDFPJ+A4BC6lasjamK1SlOGN1BOpQ41MzgTIRjNMS6Yfd1iYkXlWPzBzRKGKhgKAXN6To73OLjzg6Ch3i25h
.fksnk.com/ Name: f_001
Value: 3AEA5B71DA903CE4
.fksnk.com/ Name: g_001
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129fNLj88N1jVLT640Lc1wCjNxjvIo8g3iNTSzNLI0MDE1NzMyN37FiMoHAD29-0o9AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIxMDA2MzAwNDQxNrUwMrYwMxfiM9Q1ygxOygh0sgh1DgsDAGmGZ38lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIxMDA2MzAwNDQxNrUwMrYwMxfiM9Q1ygxOygh0sgh1DgsDAGmGZ38lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129fNLj88N1jVLT640Lc1wCjNxjvIo8gUAKRfNeh4AAAA
.quantserve.com/ Name: d
Value: EFUBCQHkKYEA
.quantserve.com/ Name: mc
Value: 64e7ac80-42bc9-d71d8-3c918
.uuidksinc.net/ Name: jcsuuid
Value: kF6n9zy7WTbXHBbs50Vs
.media.net/ Name: visitor-id
Value: 3359061761523562000V10
.media.net/ Name: data-g
Value: CAESEJ9-7_36ZW5YSGl9OV4JWoU~~6
.bidswitch.net/ Name: tuuid
Value: 5b23e42f-737d-4c87-9d72-425c424431c0
.bidswitch.net/ Name: c
Value: 1692904577
.bidswitch.net/ Name: tuuid_lu
Value: 1692904577
.mxptint.net/ Name: mxpim
Value: R35CA5_107ED0264_38434766.1.64E7AC81
.csync.loopme.me/ Name: viewer_token
Value: 079cca8f-ca21-4704-bff9-5f4dc7ad43d9
.tribalfusion.com/ Name: ANON_ID
Value: a4ntuJSZdIijSTnMSXONpaR0efYAG3k7MXf8Nh9WtvlZcU7K4DswQbESnRvBIUx9HWy89y4NEhtF2p7UhTI8c4Zc0Ia
.media.net/ Name: data-lop
Value: 079cca8f-ca21-4704-bff9-5f4dc7ad43d9~~1
ads.avct.cloud/ Name: uuid
Value: 021b4fa1-a022-44f4-883a-c6c6648ac39a
.send.microad.jp/ Name: TR
Value: a02aef0b3f0aaf7b7803e7dad1dea2e9db2aed3bccfe50b8

3 Console Messages

Source Level URL
Text
network error URL: https://iraidesousa.com.br/logs/Wellsv2/Update/verify.php
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1(Line 20)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFtmbS3cKpox93q_6nHw1FM&google_cver=1&google_push=AXcoOmRZSAlw8fbYijB1SclJLOt5jojgPibRbToRhJJKPxehv8sywgvs3sy4m53mr7uodMKMM64OJY1keFLOZmMyCIGJrGJ1DK3Z1uc
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
ad.turn.com
ads.avct.cloud
ads.us.criteo.com
aep.mxptint.net
aid.send.microad.jp
ajax.googleapis.com
akl-navvy.media.net
analytics.google.com
beacon.lynx.cognitivlabs.com
cat.va.us.criteo.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cs.media.net
csm.us.criteo.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hblg.media.net
im.bluevoox.com
imageproxy.us.criteo.net
iraidesousa.com.br
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
r.turn.com
rtb.va.us.criteo.com
s.tribalfusion.com
s.uuidksinc.net
static.criteo.net
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
ums.acuityplatform.com
warp.media.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.117.182.27
142.250.80.2
142.251.40.226
18.211.192.157
192.185.177.61
199.38.167.131
202.233.84.1
23.52.163.93
23.77.172.28
2606:4700::6812:19ad
2606:ae80:1471:1a::1370
2607:f8b0:4004:c08::9d
2607:f8b0:4006:807::200a
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80f::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
3.135.132.32
31.220.27.135
34.160.55.127
35.211.178.172
35.214.155.115
38.68.201.140
52.206.103.177
52.45.175.185
52.71.215.87
52.71.238.40
69.90.254.78
74.119.119.147
74.119.119.150
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1fe8620c5e443ea8949c20eb522bd89739d22b5de895494724bbb432f17078a0
20548389ff56f97ddc71b7a67cd3dbbedb0c7721c2db642b9949df68cdca9891
2356df0f2c923f55f1047118d2b7d67548f9a924f41a7d650c5ddb5fdf8edf69
23f7f399c7c27a71b7cb3a319f25502cd992ec72307ce2c2fd136b92471933c6
294f511f9b91f1c2a849ed8704c2d7e677fa566ecdb641693f452a36a5f44755
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
34468a240693cda78a94ab4ea4ddc9f605947ccbd50970afb135ebd9e8234905
353e17abf25c7dbf22619f4e4fef805bf0b968ac89af146343561746fd1b4d40
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595
43a1639e9c2a26251797c2f35727aee7a8f9ba2b8468b9e7d621a88fc0915489
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51b0666e8acb6f6722ce116f670d1b0a8216515122a68333e841bff36697d32d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d690fc05671f14c75a2edd50d0e1b93ce5cc30e65cc208eb5515e6bfa783350
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6a3f5452d7dcf38ed3fba5d6462476445c26231c1425be79a41bf14b65a49011
6a9c7d809cf7886b0418e90771e5cb9b0d04c7fa4da523ca397698c3a4b4de86
6b704b39a9f5af802b9f557ac41a5f4ff660494f79d0bc7df96095f89bc509a1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb04468aecb8e05d49bda01bb3f2548d43430e26cf71fc766fa59c04a972995
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73bb16d91c22da6203031bbb8abb319d861bc294248fc7c149aefdf67c3e70ab
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
798b20dc2614306e1247389c0662c71780b1e889162d07b63407fe974c7f7819
7e6ee90e5e70d01ed1d948c989a20b5382f94c6d01e12a4b1ecb5145b4ecdf3d
8631189ca38e73206e52ed06e8f0f3b2e839b9facc236b9519b9fd8d7f8d63e2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94627793540e9cee039c3a3ea69e2d8f08d4dea1b76ea697fe0a9a8f0ad31d38
956c08f48af5065c53950fd966240dac21c7ad14f225e9e7fb2570e53bd7e06b
972341a5962040766949a0ab1517e1e9e02137e793c80ca98994b8f8e66c1189
994ec583b9551d2a3a15e2520cd5e37249a170c046ca88108d2c3e1445f633f4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a35eb283f9c673160f8b6f352e3c12a3800843fec81f03d2942aa267dc1052c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5fcb880d5f3956ab4a1a0fa69311c0d124a41c86db52cb96524d799e4bf644a
a60290dcbc400e75afedd2983ac8df0b99c0e981220970c90f979bf6c6543dbb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad6c6b06a15e87306e7aef2a7a3105acb6ffb927e6cf30e0d1b95ae8e3b0a75f
af56f9a97ba9853d88e0dc672d67e32e3ff2f829df312625ef64a878f8632cf2
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b32d11f901337dd1d10da37450eaa8f27a04046b0acee42a0133009395b1da25
b75edb1970d8496cecc8b67b9e78a8d9f39147c9f031c2a32e5589ba718ed2a1
b99dc75119f62db24faeee8cb147fab00d5966b561d1804334a01affc4cb79f8
bd1067b51242ae77f16016b624d12f34bd0b18cae8cae828a3db174bb1d65895
bf5e825625d9e4f1a93db56ad5e488b6c48b7406b24ac58698e05566d0340b6a
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
d2b6e8e72bc82a0b1134c4d767ec29f0b567d6d19268c19c110593e3535561ee
d53721f43880bf72af389755a24c4da9f0ad7f4f700672daa73c9a44918e1986
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d94a4b3a36115b4bd8da5f452aaf76ab66217bc07499c2e838239a585cdd79cf
daafe34c8c72998c966de267fa24fb5345c04349a37a896aa553287b630e2bff
db6b3c4981004beba1b0ef887106b75b9f86ece94ac7d58fc4609fdce201033d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6144f556b1a041f7d67bd6ce5e899d814d8357fd6da9680f46d6b3591d353d
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
e20207d99d72bcf152629cb030d2293727b79169b1b9445025d5ede5ba749ae9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef620b01b8627349f17be8559276b127293de81c1b8a9f6e5cce6b6e1a3c0340
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f900c92e15525208a986ca0f69cb73bb1e2c99db70c9c8d6b6041ae5255ac987
fbd62dc59a698f8af8ad6ad03ac7d01c0160e879761e68b8de1b2004f572a45f
fe820a214b804aacb3a07caad48cd948878cfbeef9089680f99e8037e5153ad6
ffe894f0b96b4663c3e50d90cc93d2a99e2d2fb8e1aa87be6a9fd8a6be9dfad4