Submitted URL: http://www.vivendobauru.com.br/
Effective URL: https://www.vivendobauru.com.br/
Submission: On August 26 via manual from CA — Scanned from NL

Summary

This website contacted 34 IPs in 8 countries across 23 domains to perform 81 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vivendobauru.com.br.
TLS certificate: Issued by E1 on August 8th 2022. Valid for: 3 months.
This is the only time www.vivendobauru.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 185.177.92.147 39572 (ADVANCEDH...)
1 2600:9000:206... 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 4 2a02:6b8::1:119 208722 (GLOBAL_DC)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 147.75.85.234 54825 (PACKET)
2 185.184.8.90 204995 (RTB-HOUSE...)
2 178.250.0.165 44788 (ASN-CRITE...)
4 212.77.99.29 12827 (WIRTUALNA...)
4 51.89.9.251 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:ff0:1234... 41494 (INTERLAN)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 35.71.131.137 16509 (AMAZON-02)
2 212.77.98.32 12827 (WIRTUALNA...)
81 34
Apex Domain
Subdomains
Transfer
14 googlesyndication.com
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
76 KB
11 vivendobauru.com.br
www.vivendobauru.com.br
159 KB
9 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
csi.gstatic.com
fonts.gstatic.com
148 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
10 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
193 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
740 B
4 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 7896
1014 B
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3880
72 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 47240
get.optad360.io — Cisco Umbrella Rank: 27697
587 KB
2 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 8352
32 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
56 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497
370 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
441 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2218
24 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
396 B
1 googlevideo.com
rr6---sn-pouxga5o-vu2s.googlevideo.com — Cisco Umbrella Rank: 646312
691 KB
1 ytimg.com
i1.ytimg.com — Cisco Umbrella Rank: 1443
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14414
792 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 di10.biz
di10.biz
15 KB
81 23
Domain Requested by
11 www.vivendobauru.com.br 1 redirects www.vivendobauru.com.br
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
6 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 onetag-sys.com get.optad360.io
4 ssp.wp.pl get.optad360.io
4 mc.yandex.ru 1 redirects www.vivendobauru.com.br
3 mug.criteo.com
3 www.gstatic.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
2 std.wpcdn.pl ssp.wp.pl
2 static.criteo.net get.optad360.io
static.criteo.net
2 csi.gstatic.com www.gstatic.com
2 www.google.com tpc.googlesyndication.com
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
2 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 get.optad360.io www.vivendobauru.com.br
get.optad360.io
1 match.adsrvr.org get.optad360.io
1 fonts.gstatic.com fonts.googleapis.com
1 rr6---sn-pouxga5o-vu2s.googlevideo.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 i1.ytimg.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 encrypted-tbn3.gstatic.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 www.googletagservices.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 fonts.googleapis.com 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 cdn.jsdelivr.net get.optad360.io
1 cmp.optad360.io www.vivendobauru.com.br
1 di10.biz www.vivendobauru.com.br
81 34

This site contains links to these domains. Also see Links.

Domain
www.optad360.com
themezee.com
Subject Issuer Validity Valid
*.vivendobauru.com.br
E1
2022-08-08 -
2022-11-06
3 months crt.sh
0.di09.biz
R3
2022-08-02 -
2022-10-31
3 months crt.sh
*.optad360.io
Amazon
2021-11-17 -
2022-12-15
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-21 -
2022-10-31
5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
*.a-mo.net
R3
2022-07-04 -
2022-10-02
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-10 -
2023-03-15
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.google.nl
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.googlevideo.com
GTS CA 1C3
2022-08-16 -
2022-10-25
2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-05-13 -
2023-05-15
a year crt.sh

This page contains 11 frames:

Primary Page: https://www.vivendobauru.com.br/
Frame ID: E43DF3C6E5B06713400DCCA7E1441771
Requests: 44 HTTP requests in this frame

Frame: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E9AF1E03BF92F84B69910566704BFC71
Requests: 1 HTTP requests in this frame

Frame: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FA81B1909A9EE0E84462497DC2463E5
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A386BEE4D6C4B3D35F35AC8307A4B06B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DE45E0B54085776848E07A5FC279BEC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.vivendobauru.com.br
Frame ID: 3088E4542F9ACDD2668C38F526FFDBC4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Frame ID: 348FBA87CFDBFA00B662CE2E03D0BFAC
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: A20B0EE4BB4A0D35EDCFE486CECBE300
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661543109102&gdpr=0
Frame ID: 2B9D7DABA898A1910B8FC6560828468B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661543109103&gdpr=0
Frame ID: 32183CBAD482BBF18E306A57032B178D
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: D3C1A6E9FAB4AAF9AE05C278F11CC966
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

vivendobauru.com.br - Biblioteca de respostas a perguntas

Page URL History Show full URLs

  1. http://www.vivendobauru.com.br/ HTTP 301
    https://www.vivendobauru.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

81
Requests

96 %
HTTPS

73 %
IPv6

23
Domains

34
Subdomains

34
IPs

8
Countries

2128 kB
Transfer

3585 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.vivendobauru.com.br/ HTTP 301
    https://www.vivendobauru.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://mc.yandex.ru/watch/87548442?wmode=7&page-url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A323487656819%3Ahid%3A658789452%3Az%3A0%3Ai%3A20220826194508%3Aet%3A1661543109%3Ac%3A1%3Arn%3A931335481%3Arqn%3A1%3Au%3A166154310962400551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661543108189%3Ads%3A0%2C57%2C75%2C1%2C85%2C0%2C%2C71%2C0%2C%2C%2C%2C290%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661543109%3At%3Avivendobauru.com.br%20-%20Biblioteca%20de%20respostas%20a%20perguntas&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/87548442/1?wmode=7&page-url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A323487656819%3Ahid%3A658789452%3Az%3A0%3Ai%3A20220826194508%3Aet%3A1661543109%3Ac%3A1%3Arn%3A931335481%3Arqn%3A1%3Au%3A166154310962400551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661543108189%3Ads%3A0%2C57%2C75%2C1%2C85%2C0%2C%2C71%2C0%2C%2C%2C%2C290%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661543109%3At%3Avivendobauru.com.br%20-%20Biblioteca%20de%20respostas%20a%20perguntas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 67
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=vivendobauru.com.br&sn=ChromeSyncframe&so=0&topUrl=www.vivendobauru.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mrDCGXxiaTY4dHhiQm91OStmVzBNSDA1OFMyT240MGdpcEVHUDdzaEJxMEIxcTcyMlNwMDl5ZWJ3Z1QyZmNRWEhWUk9tSHlJell1T2FmR0tjS3A5N3cvcllLb0VwcjZ4MUJCZUM5MVhVUGVlQTFySzBIdkxVbDVOVWh3NDVra2g1TzcvNVZJaUhhY1E3RUU0UjM4eWVGdHlWcjA3dS9BNlc1bDNVNTBoWEdQT2M5d2M1TkhoNVNzVndVVVIwckpETGh6MzFWUlVDWG9adWZlQmY5OTEyYk05Tnkva0pPeW92NSttcGNqYnhsbDF6YUxTTGFVM0RJeXhQbVo4MkJQejBPVHJZVGFFVXpWeklCVXFUQ2c3RlBCUHlxcG1xb25RYng1T0pMQTk1akFXTFl3bz18&cppv=2
Request Chain 72
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.vivendobauru.com.br%2F&domain=www.vivendobauru.com.br&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mUfjcXwxUGk2aC9iQ0FYV05oNFRNNW11UjV4WXZZUUNVakg4RWMrWHVRMnIrb2Urb0V2NmgzRDlqSWtwSFNGck5YWENEYUxkaVVCa2pyM0lrVnQ1WFFaTkdoR0RESkpOalZrRHVPTnR5M0FNS0s4SDZnZTZKaWZ3VEJRQmEvcit0VmNtdEFPd2RyQWNLZHd1ZkJ6VnQzejBRdGNybkZMN3JuZzVOSFBQZUNFYTFRRzRSU1JmaUErVDdlQnJzdlZZU085UXhwdysrZjBIWGlpRzR6a0hSVnM4WURJdEpEdGJjTjUxRnJQdmtseVNyQVpnazNOb1pFMGJZZlpuMWZJdG1VdDhtTXZESENISDI1aTRKeU9YQldjYjNiMUx0bm9pV2hlZjVFVG54K0pJOG5NWT18&cppv=2

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vivendobauru.com.br/
Redirect Chain
  • http://www.vivendobauru.com.br/
  • https://www.vivendobauru.com.br/
41 KB
7 KB
Document
General
Full URL
https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1686090e2b5f4a5892f208198670fd0672f0449c0e130169e2052f6b56413174

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
740f10eb2944b894-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Aug 2022 19:45:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nam8H31MPu2ZeccWci9J9QKF5U34L1kRElXdmRET3GzeCJRj5FNaubnhi730ZKtQvMLWtcOK5mRscidz889jp9b4YBmXVb38w2qYgsjDHgnu9pJgOAgrudYy7k1MvIBYEFta%2BcfbxyGAT%2FS0%2B3Jc4RO4zgyBJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie

Redirect headers

CF-RAY
740f10ea8f1841a8-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 26 Aug 2022 19:45:08 GMT
Expires
Fri, 26 Aug 2022 20:45:08 GMT
Location
https://www.vivendobauru.com.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWidj%2Fk67WjCKa4P8R%2FZCIAo9C60VjaAWc%2FBT8NPFCEXdprcdX1hCSWjXoe3qss2jO4oYbI3GcYrFhNlzrDk3lfutNd%2FmHu%2BfjVMhNSKokylJ9ClJOBz%2B8SPsQl6ys5wJLKvGXI4yoiEeJl%2FCeJiLDStdQMbVA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
30a1ed848514797b7b0c406216873522.css
www.vivendobauru.com.br/wp-content/fonts/
9 KB
1 KB
Stylesheet
General
Full URL
https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d61e629c4fb08e8034550d028523cf4544bfe6ad6f8eaba617c14c2f02d1e61

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1407793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Apr 2022 12:45:31 GMT
server
cloudflare
etag
W/"624edceb-22af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWcVcPK8AdA%2B5N9tH8NJEO1qwRFS0dmSV3I4KCZ9Pj1eJWygY%2FkrA8ubWDKL%2BCYEysq66iy3dkgMEyHq5cw1JPxZKPMu9vRLabC5Fv6ghAb5AnRDbngneEMbAB9qvYkuXedf1VONFCLdeZHgaBJllEkX8j555Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
740f10ebaa62b894-AMS
expires
Thu, 10 Aug 2023 12:41:55 GMT
style.min.css
www.vivendobauru.com.br/wp-includes/css/dist/block-library/
81 KB
12 KB
Stylesheet
General
Full URL
https://www.vivendobauru.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1407793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Apr 2022 12:46:30 GMT
server
cloudflare
etag
W/"624edd26-145db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP5MD9XvNknz2pub3XjDxFd54n5FCBf0oIMSuENt2dImSRgxpjGusI%2FNQpsR7U3y3O5wC0hetV7bL%2Fv%2BQ6LU8VDg14y2%2BsQXcXpR60gMKcxu837AoPQvzSsCJWM3amreG1zKes1zDEiFVwBSfaCL7Wjj54jrBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
740f10ebaa66b894-AMS
expires
Thu, 10 Aug 2023 12:41:55 GMT
style.css
www.vivendobauru.com.br/wp-content/themes/dynamico/
89 KB
15 KB
Stylesheet
General
Full URL
https://www.vivendobauru.com.br/wp-content/themes/dynamico/style.css?ver=1.0.7
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2acaf3a9e50a42005c8b2c5601c7a6abcbf143002b40edc38a6d572faf7a769

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1407793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 13 Feb 2022 16:16:26 GMT
server
cloudflare
etag
W/"62092eda-163a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ykdRH4EAw1Xr8LapQOakXtmv4%2FOuN6870lu%2BtqCi3akq0zp14V2oKnwNztRfns9DUde6uWQt7vm5plOunkZNI5rJEglqi8HVyhrEPSzagnVzBJ1%2FQPQQdZg%2FkSxEWCDgjOjI3iH2s4hhSGT8DES3NXlRwF%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
740f10ebaa6db894-AMS
expires
Thu, 10 Aug 2023 12:41:55 GMT
svgxuse.min.js
www.vivendobauru.com.br/wp-content/themes/dynamico/assets/js/
3 KB
2 KB
Script
General
Full URL
https://www.vivendobauru.com.br/wp-content/themes/dynamico/assets/js/svgxuse.min.js?ver=1.2.6
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1407793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 13 Feb 2022 16:16:26 GMT
server
cloudflare
etag
W/"62092eda-b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoJ9eOap2Aw2VvzXJbmpHX1Vrp458Hz8qX8qx70P10CfqW%2FkJBf365acV63UuuEhv57s%2FV80jrmH1hD%2Bind0das7TEhJH616F2gYTZcBzJksvDkTmH4PD4TVKPz6y93p1KKZxsG132%2BBDl%2BKmsP8rXKbDDcENw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
740f10ebaa6fb894-AMS
expires
Thu, 10 Aug 2023 12:41:55 GMT
/
di10.biz/
14 KB
15 KB
Script
General
Full URL
https://di10.biz/?te=myyteodbgm5ha3ddf43domru
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.147 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-147.ah-server.com
Software
nginx /
Resource Hash
1e994421dd7e49d9978e8e3f2ccbb26178146a72ec77740ac9a022144993c4b5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Aug 2022 19:45:08 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
74fb6603-59ee-477b-bb37-933fd8e64933.min.js
cmp.optad360.io/items/
497 B
851 B
Script
General
Full URL
https://cmp.optad360.io/items/74fb6603-59ee-477b-bb37-933fd8e64933.min.js
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 01:15:34 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
66575
etag
"7acdc116a0830ba0aef5e087010246ba"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
497
x-amz-cf-id
1bsNVT2sOY4TJrp30-YlBEBGv9qQjQPkmQI6pdnDT0sCkhv_-5y5Fw==
plugin.min.js
get.optad360.io/sf/46e3fc0a-f5b7-4ef0-a428-4acfd3789e04/
273 KB
58 KB
Script
General
Full URL
https://get.optad360.io/sf/46e3fc0a-f5b7-4ef0-a428-4acfd3789e04/plugin.min.js
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e83c57242b8a8653e9950fc3d2b4ce5a541b86c2aafcbfa222977a06a5201538

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
last-modified
Mon, 20 Jun 2022 15:00:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"c2ffc10288ef5e76fc1cbe9deff656ff"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
84_LbTJIRk1_Iq72hYlA2SFePYwHIBcEBcmJSDnBQ1lKRh0wk75c5w==
wp-emoji-release.min.js
www.vivendobauru.com.br/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.vivendobauru.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1407793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Feb 2022 15:15:02 GMT
server
cloudflare
etag
W/"6207cef6-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyPgrnhUp6GlkWsavY8v6b2ejcsXT3RhlWA49kLWyulddWnPcJwqPRmueRf8RBb%2BnR%2FnfFZs%2BVL%2Faw%2FcQIPnDkde4PHpb%2B2tuPhUhLM2z1PymNf%2Fgk%2BeUe0irbde4ff9lxOm4o3Xyfwe2gPq%2BqhXwAVsI%2BoDww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
740f10ebfb00b894-AMS
expires
Thu, 10 Aug 2023 12:41:55 GMT
4iCs6KVjbNBYlgoKfw72.woff2
www.vivendobauru.com.br/wp-content/fonts/ubuntu/
34 KB
35 KB
Font
General
Full URL
https://www.vivendobauru.com.br/wp-content/fonts/ubuntu/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Request headers

Referer
https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Origin
https://www.vivendobauru.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 13 Feb 2022 16:21:24 GMT
server
cloudflare
etag
"62093004-8824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwG44o8aubcJ%2Bugr8pD4qThoEdi7Me8PY11f%2BPy86bpblAgbST2eqirHVk9wJZxHpIcwdTsIPW3L%2B57v%2BWIX8cmLInhs4GxEgVc6uz4Wj%2FehelnjtnVsPRUSiLMxJcE8Odwfosb%2BJ2gj2a%2F4Hbmw3G9DGFhpIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
740f10ebfb0fb894-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34852
_Xmr-H4zszafZw3A-KPSZut9wQiR.woff2
www.vivendobauru.com.br/wp-content/fonts/francois-one/
17 KB
17 KB
Font
General
Full URL
https://www.vivendobauru.com.br/wp-content/fonts/francois-one/_Xmr-H4zszafZw3A-KPSZut9wQiR.woff2
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0bd96d397412285e6de03d4b9a8168c61b6f6968776382dc0e7c83d269b88dd

Request headers

Referer
https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Origin
https://www.vivendobauru.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5415
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16912
last-modified
Sun, 13 Feb 2022 16:21:23 GMT
server
cloudflare
etag
"62093003-4210"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSrUkZk8NbNydy29UnEJZ5wSWyEEkNcvqPXD185Usj%2FfbG57RFURJE1yAqI4l1E2eZavQjlaK1AzIjvdDsW0YmYGFocraxCfAPCsP%2Bfxt%2BaFh3iPK0g1cGTJex5R%2FyS8POy%2FjJFTAphtX%2B8GcxG5n8wANZG3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
740f10ebfb11b894-AMS
4iCu6KVjbNBYlgoKej70l0k.woff2
www.vivendobauru.com.br/wp-content/fonts/ubuntu/
36 KB
36 KB
Font
General
Full URL
https://www.vivendobauru.com.br/wp-content/fonts/ubuntu/4iCu6KVjbNBYlgoKej70l0k.woff2
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449

Request headers

Referer
https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Origin
https://www.vivendobauru.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Feb 2022 16:21:24 GMT
server
cloudflare
etag
"62093004-8ed4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sCKds6Fuz2YhqX47pegH4iKbMZV9JjRi7SRL6HUe5a657hA4AG4UAF9PfoA5U%2BpM159v%2B2DogqCQ1Ak2FulvFdWomImUph2xKjqfoZKCWKCBF7SaQbPoGezm%2BnpzFiCvB5urG2rFoUfPAPpg8CiWkZnUyiB5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
740f10ebfb13b894-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36564
tag.js
mc.yandex.ru/metrika/
205 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4325463d5c17aebbc147fb20c300203304a6d06cbe4d8bfbff402ef6a9a5c8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 15:41:08 GMT
etag
"63076de4-11931"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71985
expires
Fri, 26 Aug 2022 20:45:08 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
www.vivendobauru.com.br/wp-content/fonts/ubuntu/
29 KB
30 KB
Font
General
Full URL
https://www.vivendobauru.com.br/wp-content/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Request headers

Referer
https://www.vivendobauru.com.br/wp-content/fonts/30a1ed848514797b7b0c406216873522.css?ver=20201110
Origin
https://www.vivendobauru.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5415
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29752
last-modified
Sun, 13 Feb 2022 16:21:25 GMT
server
cloudflare
etag
"62093005-7438"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMa7E1M4k7LFkfZo6JfS0Nn4K5iAnl6PaNxK6gJRQWhVLw7V5XCgGhau0COWlhthi2a%2Bz2Zi7RaTR%2BXuBHUBz2maJaOpcSWHgIfeLvd4rOuioOd1H6hBEr2JnLw%2F6LhCQn0k%2BdlIjMoz0ujS13Q15xbbXmRotg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
740f10ec1fa9b8ba-AMS
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/46e3fc0a-f5b7-4ef0-a428-4acfd3789e04/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
548f0eedda64e6a2d698edfec2bf0b8a9b7b1b0d9f12b117a575202ddac6d687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28605
x-xss-protection
0
server
sffe
etag
"1315 / 82 of 1000 / last-modified: 1661512052"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Aug 2022 19:45:08 GMT
prebid6.13.0.js
get.optad360.io/sf/
527 KB
528 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid6.13.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/46e3fc0a-f5b7-4ef0-a428-4acfd3789e04/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 22:53:49 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 11:37:42 GMT
server
AmazonS3
age
3185480
etag
"9880469287264dec1b2db80d6f0c4c98"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
539768
x-amz-cf-id
LK1sexN0j9uYaEywrjv73oI0DjCAukPKUOXaY0V8JpxJChttko8U8A==
1
mc.yandex.ru/watch/87548442/
Redirect Chain
  • https://mc.yandex.ru/watch/87548442?wmode=7&page-url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A302%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.ru/watch/87548442/1?wmode=7&page-url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A302%3Afu%3A0%3Aen%...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.ru/watch/87548442/1?wmode=7&page-url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A323487656819%3Ahid%3A658789452%3Az%3A0%3Ai%3A20220826194508%3Aet%3A1661543109%3Ac%3A1%3Arn%3A931335481%3Arqn%3A1%3Au%3A166154310962400551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661543108189%3Ads%3A0%2C57%2C75%2C1%2C85%2C0%2C%2C71%2C0%2C%2C%2C%2C290%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661543109%3At%3Avivendobauru.com.br%20-%20Biblioteca%20de%20respostas%20a%20perguntas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8902f39511563a66abb6358437ee6c4762acec8dbefd1ef53797a7b15417dfb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Aug-2022 19:45:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Fri, 26-Aug-2022 19:45:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:08 GMT
last-modified
Fri, 26-Aug-2022 19:45:08 GMT
location
/watch/87548442/1?wmode=7&page-url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A323487656819%3Ahid%3A658789452%3Az%3A0%3Ai%3A20220826194508%3Aet%3A1661543109%3Ac%3A1%3Arn%3A931335481%3Arqn%3A1%3Au%3A166154310962400551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661543108189%3Ads%3A0%2C57%2C75%2C1%2C85%2C0%2C%2C71%2C0%2C%2C%2C%2C290%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661543109%3At%3Avivendobauru.com.br%20-%20Biblioteca%20de%20respostas%20a%20perguntas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 26-Aug-2022 19:45:08 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.vivendobauru.com.br
URL: https://www.vivendobauru.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
last-modified
Thu, 25 Aug 2022 15:42:57 GMT
etag
"63076e51-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 26 Aug 2022 20:45:08 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220826
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c03afe161b10b51214f2528481a2d43a401b5df3a5597613e4212348309b8eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17050
x-jsd-version
1.0.1444
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-itm18848-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"665-s3IXjRy+ej4RLkZJmAwTYJE3iCw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWGFfNzarl12LTFtSFwzKUWirPjAKLW5whrLE%2BytpIU1Ujc0%2BB4%2BsPvJn6Gr%2FVnf2qzzwEpDOYKThiYb13YtmPIyCi4scUFk4evccfEfE5LRS%2BSH333cONlr1Kh%2Fi2LlG%2Bv5J8j4RiRa5uXRudk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
740f10ef8f9ab778-AMS
access-control-expose-headers
*
localstore.js
script.4dex.io/
483 B
943 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1496194
x-amz-request-id
tx71de9a623ae143c39231a-00629f978d
x-amz-id-2
tx71de9a623ae143c39231a-00629f978d
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B2%2FxsSax7locZMYJZLOt4ez0jKEDCJJW9mSBObZ4ujJBdzKh%2FZS2ObMLUlse6A3p4fIzSH9ysggQpuI67weDCNLcU2g8Q%2FflHjDn%2FL0IMLGRsyeDzdGhQ%2BLUo4NQktnEQA9ScXX7kYN8u3G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
740f10efa832b8ca-AMS
c
prebid.a-mo.net/a/
0
283 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.vivendobauru.com.br
date
Fri, 26 Aug 2022 19:45:08 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
42
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
185 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.vivendobauru.com.br
date
Fri, 26 Aug 2022 19:45:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/
0
224 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=55411327048
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.vivendobauru.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
ssp.wp.pl/bidder/
0
229 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://www.vivendobauru.com.br
access-control-allow-credentials
true
uber-trace-id
0000000000000000f2c1f9e325b03435:d71e7bb46b19e614:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
prebid-request
onetag-sys.com/
15 B
370 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
185 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.vivendobauru.com.br
date
Fri, 26 Aug 2022 19:45:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/
0
225 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=12898081223
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Aug 2022 19:45:08 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.vivendobauru.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/
15 B
370 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/
0
158 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.vivendobauru.com.br
date
Fri, 26 Aug 2022 19:45:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
60
vary
origin, Accept-Encoding
/
ssp.wp.pl/bidder/
0
56 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://www.vivendobauru.com.br
access-control-allow-credentials
true
uber-trace-id
0000000000000000f9281183da3139b2:66f7ce9022325e0c:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Aug 2023 19:42:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
87 B
106 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vivendobauru.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5ef40c1fb83845fa32788976916255228d0d5e3f95a7f5dd84f9457d4c59e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81
x-xss-protection
0
expires
Fri, 26 Aug 2022 19:45:09 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171029
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx9bbc90b2aa47495b92de5-0062a04ef1
x-amz-id-2
tx9bbc90b2aa47495b92de5-0062a04ef1
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuyRNipFppNkuQqLz1j9vq9qtApFKE2ZbnZXu72goQr9JnTSg5dXkTBSvMWTtZJp7XKlCUVKw65nVlJOBosmsXDw%2Fd68mF4UR3BehABhkTwF7wPlM4vb3SFH5pt20rzI0i8WUeeDlKQAf7l8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
740f10f03fa0b8a6-AMS
access-control-allow-headers
Authorization
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.vivendobauru.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.vivendobauru.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
99 KB
33 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=127967635178947&correlator=2569197072476975&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cvivendobauru.com.br_o3b_display_float_o3b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=1&adks=350279326&sfv=1-0-38&fsapi=false&cust_params=pubcid%3Dcfced352-7abe-4054-a67f-1335c854f486&sc=1&cookie_enabled=1&abxe=1&dt=1661543109228&lmt=1661543109&dlt=1661543108410&idt=789&adxs=1124&adys=1479&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&frm=20&vis=1&psz=0x-1&msz=300x-1&fws=132&ohw=1340&ga_vid=209762925.1661543109&ga_sid=1661543109&ga_hid=938129114&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a96ae083e6d9e97d919248f91dbd238ebfc901b8b7c0e68d6c685852567d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34211
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
463 B
283 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=127967635178947&correlator=2569197072476975&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cvivendobauru.com.br_o3b_display_adi_o3b_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x300%7C970x90%7C750x300&ifi=2&adks=2316211481&sfv=1-0-38&fsapi=false&cust_params=pubcid%3Dcfced352-7abe-4054-a67f-1335c854f486&sc=1&cookie_enabled=1&abxe=1&dt=1661543109236&lmt=1661543109&dlt=1661543108410&idt=789&adxs=315&adys=183&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vivendobauru.com.br%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=644&ohw=1340&ga_vid=209762925.1661543109&ga_sid=1661543109&ga_hid=938129114&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24e24023c3a1884f356473b97dca966a8091dffee581de3916183b93a66bce25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E9AF
6 KB
4 KB
Document
General
Full URL
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 19:45:09 GMT
expires
Sat, 26 Aug 2023 19:45:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea7871850f61d9fbeaa8adae980c60045d253ffea0f786911fbc134e8110a887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11162
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Aug 2022 19:45:09 GMT
container.html
89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FA8
6 KB
3 KB
Document
General
Full URL
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 19:45:09 GMT
expires
Sat, 26 Aug 2023 19:45:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A386
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
5728
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 18:09:41 GMT
expires
Sat, 26 Aug 2023 18:09:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4DE4
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
316ed6dcf1f70f783d3eb12316e4a3b0d5993d439e6a6ec35dd7f8df43fa1b3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bsu1I5vLbjnpwJ6wJgb-eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Bsu1I5vLbjnpwJ6wJgb-eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 19:45:09 GMT
expires
Fri, 26 Aug 2022 19:45:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
11ba241b9597ec96a8a9e01db4cce1e1.js
www.gstatic.com/mysidia/ Frame 9FA8
10 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4562
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 03:43:50 GMT
120dba6b59d2f966bd44cf141203e8a0.js
www.gstatic.com/mysidia/ Frame 9FA8
150 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 23:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57108
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 23:01:20 GMT
css
fonts.googleapis.com/ Frame 9FA8
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 19:11:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Aug 2022 19:45:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Aug 2022 19:45:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9FA8
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Sep 2022 19:39:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 9FA8
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Sep 2022 19:29:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9FA8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:40:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Sep 2022 19:40:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FA8
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Aug 2022 19:45:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9FA8
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Sep 2022 19:40:03 GMT
l
www.google.com/ads/measurement/ Frame 9FA8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToNDXZrizW35DusNiFsEqHZHG_rJtd8BdmNQ1XAfd_srKrX81K2mFvR8HlebR_BrCpQek2LJqcHu-5troicFRUWTWn8g
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame 9FA8
33 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 22:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 22:40:08 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame A386
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
217898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 07:13:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4DE4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=127967635178947&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

shopping
encrypted-tbn2.gstatic.com/ Frame 9FA8
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQrcgZV2QFQcc_8AFPoioOTxH0tVv1ojmfsmQtnIBxzyTGHBy3WEjDhCptbKw&usqp=CAI
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77c20b6869b696fe3415200077fe4a9d1609a15023e39818992312199feb101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 12:05:49 GMT
x-content-type-options
nosniff
age
27561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19319
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 15:31:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Aug 2023 12:05:49 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 9FA8
26 KB
27 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTP0naATVPLUjm1B6CHniKY6j-CbSD93RxziGTavAEA8SzBEjEK5sbLHxw3RA&usqp=CAI
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8bde6806d2fda126457fb62e4a0ef21fa264460c26b1390005fa616b4f56e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 14:10:32 GMT
x-content-type-options
nosniff
age
20078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26631
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 23:10:47 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Aug 2023 14:10:32 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 9FA8
9 KB
10 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTPa3zzQHCO1m96mlH8hXF4jJzY-bGYERc8A8r9jmBCFL36Rb4&usqp=CAI
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c523daf93e079ac37b4c92b150ef687ff24764fb4bca01961994189ae773a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 21:22:21 GMT
x-content-type-options
nosniff
age
166969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9139
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 08:42:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Aug 2023 21:22:21 GMT
csi
csi.gstatic.com/ Frame 9FA8
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7avv8t7&c=8013040256046&slotId=4006520128023&qqid=CJLqvLai5fkCFYvVdwodL4QAGA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:10 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hq1.jpg
i1.ytimg.com/vi/8Ce-HYBE_l0/ Frame 9FA8
16 KB
17 KB
Image
General
Full URL
https://i1.ytimg.com/vi/8Ce-HYBE_l0/hq1.jpg
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2911ccd48b305adcb3c6e4eb24e52c94efe53b876b556d6e06ffd7fe7e1ca572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:43:00 GMT
x-content-type-options
nosniff
age
130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16543
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 Aug 2022 21:43:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9FA8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxH9KxSIJY9LzEour3wOviILAAcD5nehrnbbKjpsQ_sz7upcyEAEgqoDDImCRhKCFjBigAey3ldYDyAEJqQLXwHIlf86wPuACAKgDAcgDywSqBJ4CT9BAW0Os6mGJewv86KcNJ104YG19br8cPyc2TGKf3ue5xyq1RMVM-TWe8zL5mV08K4V3Yl2DmdqIQb5iJOKUETxjULnd-dtarKl0_j7kB6Bpbv2oP0siN0S-2IfJ0od60rF_RmRBLQn9awFP4vEU-viqI3le7yNCNp2Ch-jTSBTEmeWHXXMTlXa8-IQQjGyrQeaTSIuXkpkNbxnEelQOZmcRQfVGoZvtPIOHw6BkvyO6Bp3jtgSW_M9Y6hiHxHbRFtH-t86AYZNemA4ePTsT1LsK5dSQZ4sZdZJSIPRRUi_K0roITbv1Z8eE3UlVsX9RLgXBbL93JyTQs8QRYGpcr-8k3326eBHvNbrzNyuK_Y8VLsceJk2dH1rh748RssAEvarSo4oE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_zH6imoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQxZwL0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=s0a9ZWLhRFs&uach_m=[UACH]&template_id=499
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

videoplayback
rr6---sn-pouxga5o-vu2s.googlevideo.com/ Frame 9FA8
690 KB
691 KB
Media
General
Full URL
https://rr6---sn-pouxga5o-vu2s.googlevideo.com/videoplayback?expire=1661571909&ei=xSIJY9K8I5ypx_APyd-9yA4&ip=2a00:1630:2:1c02::10&id=f027be1d8044fe5d&itag=18&source=youtube&requiressl=yes&mh=nM&mm=31&mn=sn-pouxga5o-vu2s&ms=au&mv=m&mvi=6&pcm2cms=yes&pl=32&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.232&lmt=1658508067841392&mt=1661542871&txp=6210224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgcuOT9lMRqt009Md7pk7K22Xeu863xcoOQ4KL5hvWpQECIFxrVsfmi861tBvJXmmgc7OsTgbBXWjUI6UVeH37LIZc&lsparams=mh,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AG3C_xAwRAIgaFQ71AwzELWQqPvGoIbSJfAlVnWlsqqFoXwjtEXOohgCIG01sXVrETzIJXg4kmx79aiZIlnLHbzyNpDe25ghPTkY&cpn=0ax-8SzoP3fgPigY
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:ff0:1234:3::11 , Romania, ASN41494 (INTERLAN, RO),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
645dcac7f36e9647d2d0a743cf748a53a6e6cb596860bf0cc3f6f1c914fdb237
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 26 Aug 2022 19:45:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Jul 2022 16:41:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-707053/707054
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
707054
Expires
Fri, 26 Aug 2022 19:45:10 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:10 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:45:10 GMT
truncated
/ Frame 9FA8
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f745707f17f1a62333ca5368c1b1ac895ef537fa99bb0d573c8d4fabad21b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9FA8
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 20:35:41 GMT
x-content-type-options
nosniff
age
169769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17204
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 20:35:41 GMT
generate_204
tpc.googlesyndication.com/ Frame A386
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?mhddhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
syncframe
gum.criteo.com/ Frame 3088
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.vivendobauru.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 19:45:10 GMT
server-processing-duration-in-ticks
2166
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:10 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:45:10 GMT
sid
mug.criteo.com/ Frame 3088
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=vivendobauru.com.br&sn=ChromeSyncframe&so=0&topUrl=www.vivendobauru.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=mrDCGXxiaTY4dHhiQm91OStmVzBNSDA1OFMyT240MGdpcEVHUDdzaEJxMEIxcTcyMlNwMDl5ZWJ3Z1QyZmNRWEhWUk9tSHlJell1T2FmR0tjS3A5N3cvcllLb0VwcjZ4MUJCZUM5MVhVUGVlQTFySzBIdkxVbDVOVWh3ND...
454 B
654 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=mrDCGXxiaTY4dHhiQm91OStmVzBNSDA1OFMyT240MGdpcEVHUDdzaEJxMEIxcTcyMlNwMDl5ZWJ3Z1QyZmNRWEhWUk9tSHlJell1T2FmR0tjS3A5N3cvcllLb0VwcjZ4MUJCZUM5MVhVUGVlQTFySzBIdkxVbDVOVWh3NDVra2g1TzcvNVZJaUhhY1E3RUU0UjM4eWVGdHlWcjA3dS9BNlc1bDNVNTBoWEdQT2M5d2M1TkhoNVNzVndVVVIwckpETGh6MzFWUlVDWG9adWZlQmY5OTEyYk05Tnkva0pPeW92NSttcGNqYnhsbDF6YUxTTGFVM0RJeXhQbVo4MkJQejBPVHJZVGFFVXpWeklCVXFUQ2c3RlBCUHlxcG1xb25RYng1T0pMQTk1akFXTFl3bz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c6ca53faa87d7774fb7fb26c81c9e0fb9b04f2b8d0c60ad44e85993d21a1810b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:09 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3665
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:10 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=mrDCGXxiaTY4dHhiQm91OStmVzBNSDA1OFMyT240MGdpcEVHUDdzaEJxMEIxcTcyMlNwMDl5ZWJ3Z1QyZmNRWEhWUk9tSHlJell1T2FmR0tjS3A5N3cvcllLb0VwcjZ4MUJCZUM5MVhVUGVlQTFySzBIdkxVbDVOVWh3NDVra2g1TzcvNVZJaUhhY1E3RUU0UjM4eWVGdHlWcjA3dS9BNlc1bDNVNTBoWEdQT2M5d2M1TkhoNVNzVndVVVIwckpETGh6MzFWUlVDWG9adWZlQmY5OTEyYk05Tnkva0pPeW92NSttcGNqYnhsbDF6YUxTTGFVM0RJeXhQbVo4MkJQejBPVHJZVGFFVXpWeklCVXFUQ2c3RlBCUHlxcG1xb25RYng1T0pMQTk1akFXTFl3bz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
547638
content-length
0
expires
0
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 348F
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: 89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
URL: https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
217899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 07:13:31 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=127967635178947&bg=!7e6l7qrNAAYUOm8VNDo7ACkAdvg8Wti1xw2qoRx-7xfBxDtkb1gbhwDSfS6ujD0D0T0RMgnxoEEeDgIAAACOUgAAAAJoAQeZAuPF6-g6Ux1cNAwwWQYhSpBWJn7k9Du427f54q2J84JhwI4nsGc6n1rp-ffqtslPljnxhCKVen1NICM0yvwLbJMghTvr0HxljsdRrzOVLf4qPNrOZafcJAf3ADvtl2QrBDzInMn4bIhF0-FuJJb8zAonUwv2XUOZwSTj7bgo7dYgGeydLUIJ8Q5vj6jrOwN50qgYrRuHix1Xh4jXI2WDJAcuXpjUQCCpFy5UGL0zpY3VM-vD0bqJFpt9MenfvPgNzkLDQL02aM0kJj2Gu3DNkVfZC8pGWCT41p7Ha_mygDUFBtp1-_A1I_mX8-nW219I6WzFWnSKh3n-OqUQXaPJq5mJ03XkoJbLUBIJdkf-KeJ-Flg4sd4cFuE16xOwZv1gERp_ARPrMBhl36KxKndvsdTvs7qkh0WRNXz7yZyXqePv1iW82j30dTi4TRXqjAZgfWyGU53cAwdS_10zomOJYtwgS7HcH3TvmU6Fred_bR0PZu2D9Y4wOV4VuPdbkfdzHsRsePokEnwF231WpnePvmwq_yBStJneTrDnl9NkDR-sWulsnpbV1p1BwO0h0psQruilKacpXQwOdBBni4lWtinayX3ZivRDZXE22PQTJys400IrOeIeGfSrE4MPQFL-9mOrk954T4Xks7YAVPLpk3J29wYOGK10LrU5KMtYd3LAKx_gjkSF9cLQavfFdU1qv8o-nBk94aUGRlUggbFt167N6ZrXrRxTSqcPfhOM5hUOWSxMSg2YnE26MvbYbj2oev0oNXl2HpLlQ4Rd8zbJ2ziETyQxP1AMZ3UiCLEUZcBXEEsFqQa-NNrst9_PXyZ6uFfKlugEqNGPMI3TUnuGvzwBLgN-wVBKuPz5ooT11oM9WNtMeefmnw4qmbmTX0_kKnAB_PRSrbXlO5Rb8A7DLdoM32qSj71mdD5K6ryR3c24C3UJ5hM1FelPnbdnXRSzVO-qc_0WI-5vEKkugZibmPT5LzHy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame 9FA8
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l7avv8th&c=8013040256046&slotId=4006520128023&qqid=CJLqvLai5fkCFYvVdwodL4QAGA&umsem=0&ple=1&ape=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.vivendobauru.com.br%2F&domain=www.vivendobauru.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vivendobauru.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 26 Aug 2022 19:45:12 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1119
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.vivendobauru.com.br%2F&domain=www.vivendobauru.com.br&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mUfjcXwxUGk2aC9iQ0FYV05oNFRNNW11UjV4WXZZUUNVakg4RWMrWHVRMnIrb2Urb0V2NmgzRDlqSWtwSFNGck5YWENEYUxkaVVCa2pyM0lrVnQ1WFFaTkdoR0RESkpOalZrRHVPTnR5M0FNS0s4SDZnZTZKaWZ3VEJRQm...
465 B
698 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=mUfjcXwxUGk2aC9iQ0FYV05oNFRNNW11UjV4WXZZUUNVakg4RWMrWHVRMnIrb2Urb0V2NmgzRDlqSWtwSFNGck5YWENEYUxkaVVCa2pyM0lrVnQ1WFFaTkdoR0RESkpOalZrRHVPTnR5M0FNS0s4SDZnZTZKaWZ3VEJRQmEvcit0VmNtdEFPd2RyQWNLZHd1ZkJ6VnQzejBRdGNybkZMN3JuZzVOSFBQZUNFYTFRRzRSU1JmaUErVDdlQnJzdlZZU085UXhwdysrZjBIWGlpRzR6a0hSVnM4WURJdEpEdGJjTjUxRnJQdmtseVNyQVpnazNOb1pFMGJZZlpuMWZJdG1VdDhtTXZESENISDI1aTRKeU9YQldjYjNiMUx0bm9pV2hlZjVFVG54K0pJOG5NWT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3fa9b555c315d65b4f31d5eb177c59bb771242c4146ca11b171c4e12b82c8a29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.vivendobauru.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:11 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3582
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 19:45:12 GMT
location
https://mug.criteo.com/sid?cpp=mUfjcXwxUGk2aC9iQ0FYV05oNFRNNW11UjV4WXZZUUNVakg4RWMrWHVRMnIrb2Urb0V2NmgzRDlqSWtwSFNGck5YWENEYUxkaVVCa2pyM0lrVnQ1WFFaTkdoR0RESkpOalZrRHVPTnR5M0FNS0s4SDZnZTZKaWZ3VEJRQmEvcit0VmNtdEFPd2RyQWNLZHd1ZkJ6VnQzejBRdGNybkZMN3JuZzVOSFBQZUNFYTFRRzRSU1JmaUErVDdlQnJzdlZZU085UXhwdysrZjBIWGlpRzR6a0hSVnM4WURJdEpEdGJjTjUxRnJQdmtseVNyQVpnazNOb1pFMGJZZlpuMWZJdG1VdDhtTXZESENISDI1aTRKeU9YQldjYjNiMUx0bm9pV2hlZjVFVG54K0pJOG5NWT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1485
content-length
567
expires
0
rid
match.adsrvr.org/track/
63 B
396 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
668ae20cda4c5ba5ce207d432824bd28dd3321daa74a8d012ab4a2d85db658a3

Request headers

Referer
https://www.vivendobauru.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Aug 2022 19:45:12 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vivendobauru.com.br
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 25 Sep 2022 19:45:12 GMT
usersync
ssp.wp.pl/bidder/ Frame A20B
477 B
410 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 26 Aug 2022 19:45:12 GMT
last-modified
Tue, 23 Aug 2022 14:02:12 GMT
server
nginx
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 2B9D
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1661543109102&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 3218
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1661543109103&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usersync
ssp.wp.pl/bidder/ Frame D3C1
477 B
319 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://www.vivendobauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 26 Aug 2022 19:45:12 GMT
last-modified
Tue, 23 Aug 2022 14:02:12 GMT
server
nginx
vary
Accept-Encoding
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame A20B
45 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
07b800a20bf851c9201aa6c57bd358ff7d166bc6ad12fbcc6be6b706001815b0

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:12 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 12:00:40 GMT
server
nginx
etag
W/"9dac9739ee610efe462ceee192442661"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame D3C1
45 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
07b800a20bf851c9201aa6c57bd358ff7d166bc6ad12fbcc6be6b706001815b0

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 19:45:12 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 12:00:40 GMT
server
nginx
etag
W/"9dac9739ee610efe462ceee192442661"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=mUfjcXwxUGk2aC9iQ0FYV05oNFRNNW11UjV4WXZZUUNVakg4RWMrWHVRMnIrb2Urb0V2NmgzRDlqSWtwSFNGck5YWENEYUxkaVVCa2pyM0lrVnQ1WFFaTkdoR0RESkpOalZrRHVPTnR5M0FNS0s4SDZnZTZKaWZ3VEJRQmEvcit0VmNtdEFPd2RyQWNLZHd1ZkJ6VnQzejBRdGNybkZMN3JuZzVOSFBQZUNFYTFRRzRSU1JmaUErVDdlQnJzdlZZU085UXhwdysrZjBIWGlpRzR6a0hSVnM4WURJdEpEdGJjTjUxRnJQdmtseVNyQVpnazNOb1pFMGJZZlpuMWZJdG1VdDhtTXZESENISDI1aTRKeU9YQldjYjNiMUx0bm9pV2hlZjVFVG54K0pJOG5NWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 26 Aug 2022 19:45:11 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1075
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings function| ym object| twemoji object| wp object| Sk function| setCookie function| getCookie function| createGeoRestrictionCookie object| AdSlotCollection boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| Ya object| yaCounter87548442 function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| ggeac object| google_tag_data object| google_js_reporting_queue object| sas object| apntag object| _ADAGIO undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests

20 Cookies

Domain/Path Name / Value
.di10.biz/ Name: uuid
Value: 8bb1eac9-b9eb-46e4-94f3-87dc584aba65
www.vivendobauru.com.br/ Name: __oagr
Value: true
.vivendobauru.com.br/ Name: _ym_uid
Value: 166154310962400551
.vivendobauru.com.br/ Name: _ym_d
Value: 1661543109
.vivendobauru.com.br/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: yandexuid
Value: 9619146981661543108
.yandex.ru/ Name: yuidss
Value: 9619146981661543108
mc.yandex.ru/ Name: yabs-sid
Value: 1547105571661543108
.yandex.ru/ Name: i
Value: Q8AP5mVMgN8rgLXWNG/iecqmM3WF+RVQyl4B4adW1/wKHFEe1UsR5h4Cbm+smDW0ASr2Zy1XCUGfzclC4Tgu1qhIn8c=
.yandex.ru/ Name: ymex
Value: 1693079108.yrts.1661543108#1693079108.yrtsi.1661543108
www.vivendobauru.com.br/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.vivendobauru.com.br/ Name: _sharedID
Value: cfced352-7abe-4054-a67f-1335c854f486
.vivendobauru.com.br/ Name: _ym_visorc
Value: b
.prebid.a-mo.net/ Name: __amc
Value: 1_1661543109_1661543109
.vivendobauru.com.br/ Name: __gads
Value: ID=7fee9d3cbfb6f3e2-22cadfd907ce0084:T=1661543109:S=ALNI_MbWQBwXsrqCVIeqmuaqMQGiVQIjyQ
.doubleclick.net/ Name: IDE
Value: AHWqTUm7UI3fTqJnbU7HiF5ybiEMAB-DM1ECuP9pLSwZUliL9oi_4FtEuZHpGkSQ5ms
.criteo.com/ Name: uid
Value: 8cf4d33f-45ee-45ae-80e4-6bdb4318576f
www.vivendobauru.com.br/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-26T19%3A45%3A12%22%7D
.vivendobauru.com.br/ Name: cto_bundle
Value: h9n9T19BZmk5M21OSE1oajZVNVNkZjR2SGFiV2xkRUdhWjNDaVRjRiUyRmNqN3cyTXN3NGZZRFl2a0NMUjRzNWolMkYlMkYwYkNFbDc2U2laS0lReGtMTFFHQkRpOVFFZjl6Yk9nYU54eEEzR3oyN3VUU1FteDdZQVhOJTJGNEdNYkJOdk1PeWwybU5UVGUxT1UlMkJtRjlYejJ2SjV4TDFZWjN6a0hqb2taQ1clMkZ0cGF6dGZiZiUyQmRDYyUzRA
.vivendobauru.com.br/ Name: cto_bidid
Value: VqcpKF9XU1cyZTlQUVdqTDQ0OEVFNHhiZ2glMkJrVUEzdVB1VFl1NEt5V2pEcnJmMHFMSm1kJTJCY1JEYjBqSGd5N3hSWUt1UWRxNlJEWlZJbURDZTl3WWVOMUZFcXJVZWx4ZnJmR1JhSnV6Z1BuNzR5YWhaQVNXaWJlVThQYnl4VUNMWm41NzU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

89253cd0339fedc2633ea7029dea8111.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
bidder.criteo.com
cdn.jsdelivr.net
cmp.optad360.io
csi.gstatic.com
di10.biz
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gum.criteo.com
i1.ytimg.com
match.adsrvr.org
mc.yandex.ru
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rr6---sn-pouxga5o-vu2s.googlevideo.com
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
static.criteo.net
std.wpcdn.pl
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.vivendobauru.com.br
147.75.85.234
178.250.0.165
178.250.2.146
185.177.92.147
185.184.8.90
2001:4860:4802:32::3
212.77.98.32
212.77.99.29
2600:9000:206f:9200:11:a4de:2580:93a1
2600:9000:206f:c200:6:b871:4f00:93a1
2606:4700:20::681a:8a9
2606:4700::6810:5714
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:ff0:1234:3::11
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::1:119
2a06:98c1:3121::3
35.71.131.137
51.89.9.251
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
07b800a20bf851c9201aa6c57bd358ff7d166bc6ad12fbcc6be6b706001815b0
1686090e2b5f4a5892f208198670fd0672f0449c0e130169e2052f6b56413174
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
1e994421dd7e49d9978e8e3f2ccbb26178146a72ec77740ac9a022144993c4b5
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
24e24023c3a1884f356473b97dca966a8091dffee581de3916183b93a66bce25
2911ccd48b305adcb3c6e4eb24e52c94efe53b876b556d6e06ffd7fe7e1ca572
316ed6dcf1f70f783d3eb12316e4a3b0d5993d439e6a6ec35dd7f8df43fa1b3f
3d61e629c4fb08e8034550d028523cf4544bfe6ad6f8eaba617c14c2f02d1e61
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
3fa9b555c315d65b4f31d5eb177c59bb771242c4146ca11b171c4e12b82c8a29
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
4325463d5c17aebbc147fb20c300203304a6d06cbe4d8bfbff402ef6a9a5c8cc
548f0eedda64e6a2d698edfec2bf0b8a9b7b1b0d9f12b117a575202ddac6d687
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5a96ae083e6d9e97d919248f91dbd238ebfc901b8b7c0e68d6c685852567d035
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
645dcac7f36e9647d2d0a743cf748a53a6e6cb596860bf0cc3f6f1c914fdb237
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668ae20cda4c5ba5ce207d432824bd28dd3321daa74a8d012ab4a2d85db658a3
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
83f745707f17f1a62333ca5368c1b1ac895ef537fa99bb0d573c8d4fabad21b3
8902f39511563a66abb6358437ee6c4762acec8dbefd1ef53797a7b15417dfb4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c03afe161b10b51214f2528481a2d43a401b5df3a5597613e4212348309b8eb
8c523daf93e079ac37b4c92b150ef687ff24764fb4bca01961994189ae773a89
8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449
b0bd96d397412285e6de03d4b9a8168c61b6f6968776382dc0e7c83d269b88dd
b2acaf3a9e50a42005c8b2c5601c7a6abcbf143002b40edc38a6d572faf7a769
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c5ef40c1fb83845fa32788976916255228d0d5e3f95a7f5dd84f9457d4c59e97
c6ca53faa87d7774fb7fb26c81c9e0fb9b04f2b8d0c60ad44e85993d21a1810b
c8bde6806d2fda126457fb62e4a0ef21fa264460c26b1390005fa616b4f56e31
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83c57242b8a8653e9950fc3d2b4ce5a541b86c2aafcbfa222977a06a5201538
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea7871850f61d9fbeaa8adae980c60045d253ffea0f786911fbc134e8110a887
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
f77c20b6869b696fe3415200077fe4a9d1609a15023e39818992312199feb101
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f