Submitted URL: http://tuasaude.com/
Effective URL: https://www.tuasaude.com/
Submission: On February 01 via api from TR — Scanned from CA

Summary

This website contacted 62 IPs in 7 countries across 63 domains to perform 233 HTTP transactions. The main IP is 2607:5300:203:437::, located in Canada and belongs to OVH, FR. The main domain is www.tuasaude.com. The Cisco Umbrella rank of the primary domain is 304311.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.
This is the only time www.tuasaude.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2607:5300:203... 16276 (OVH)
37 2400:52e0:1a0... 200325 (BUNNYCDN)
7 2607:f8b0:400... 15169 (GOOGLE)
3 54.230.49.33 16509 (AMAZON-02)
1 3.162.3.96 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.192.51.94 16509 (AMAZON-02)
1 54.192.51.57 16509 (AMAZON-02)
1 188.226.136.4 14061 (DIGITALOC...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:79::84 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.161.212.32 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
4 23.39.185.6 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 24 52.46.130.91 16509 (AMAZON-02)
1 3.161.213.18 16509 (AMAZON-02)
1 3.162.3.18 16509 (AMAZON-02)
9 2607:f8b0:400... 15169 (GOOGLE)
1 3.18.9.101 16509 (AMAZON-02)
19 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
14 23 172.253.62.157 15169 (GOOGLE)
3 8 104.18.36.155 13335 (CLOUDFLAR...)
6 8 68.67.160.132 29990 (ASN-APPNEX)
2 2 184.84.136.23 16625 (AKAMAI-AS)
1 1 2600:9000:215... 16509 (AMAZON-02)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
1 1 35.208.249.213 15169 (GOOGLE)
2 2 70.42.32.191 13789 (INTERNAP-...)
1 3 172.64.151.101 13335 (CLOUDFLAR...)
2 6 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.105.14.101 30633 (LEASEWEB-...)
6 3.214.126.113 14618 (AMAZON-AES)
2 23.193.120.208 16625 (AKAMAI-AS)
2 23.50.125.215 16625 (AKAMAI-AS)
2 6 198.148.27.131 19189 (PULSEPOINT)
5 5 34.200.65.202 14618 (AMAZON-AES)
1 1 34.233.79.12 14618 (AMAZON-AES)
1 7 34.200.162.145 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.235.96.255 14618 (AMAZON-AES)
2 3 35.71.139.29 16509 (AMAZON-02)
1 1 44.198.88.161 14618 (AMAZON-AES)
2 3 2a02:6b8::90 13238 (YANDEX)
1 1 20.121.97.20 8075 (MICROSOFT...)
1 2 107.23.6.4 14618 (AMAZON-AES)
2 172.253.63.149 15169 (GOOGLE)
2 104.36.113.112 62713 (AS-PUBMATIC)
7 7 3.33.220.150 16509 (AMAZON-02)
5 5 35.211.178.172 19527 (GOOGLE-2)
2 2 54.146.37.4 14618 (AMAZON-AES)
1 1 3.129.86.126 16509 (AMAZON-02)
1 2 3.161.213.118 16509 (AMAZON-02)
1 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 1 52.87.115.253 14618 (AMAZON-AES)
2 2 2606:ae80:145... 25751 (VALUECLICK)
2 2 207.198.113.87 13768 (COGECO-PEER1)
2 2 44.216.238.183 14618 (AMAZON-AES)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
13 18 69.173.151.100 26667 (RUBICONPR...)
1 40.76.134.238 8075 (MICROSOFT...)
7 104.36.113.107 62713 (AS-PUBMATIC)
2 2 35.207.24.140 15169 (GOOGLE)
1 1 213.19.162.80 3356 (LEVEL3)
2 2 8.2.110.134 46636 (NATCOWEB)
2 2 5.161.187.67 213230 (HETZNER-C...)
1 8.2.108.194 ()
1 1 8.43.72.97 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.125.22 16509 (AMAZON-02)
2 2 52.7.200.174 14618 (AMAZON-AES)
1 1 2600:9000:200... 16509 (AMAZON-02)
1 2600:9000:207... ()
1 23.40.207.42 ()
1 2 104.18.41.104 ()
2 8.28.7.84 ()
1 2 151.101.130.49 ()
1 2 34.235.77.155 ()
1 34.204.246.215 ()
1 52.55.97.47 ()
1 1 54.161.125.195 ()
1 1 2620:112:f002... ()
233 62
Apex Domain
Subdomains
Transfer
39 tuasaude.com
tuasaude.com — Cisco Umbrella Rank: 214963
www.tuasaude.com — Cisco Umbrella Rank: 304311
static.tuasaude.com — Cisco Umbrella Rank: 252949
2 MB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
209 KB
30 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
93 KB
22 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
27 KB
19 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
179 KB
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
71 KB
15 googlesyndication.com
cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
72 KB
13 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage2.pubmatic.com — Cisco Umbrella Rank: 870
simage4.pubmatic.com
image4.pubmatic.com
28 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
7 KB
9 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
he.lijit.com — Cisco Umbrella Rank: 2846
7 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
4 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
9 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
3 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2238
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5205
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5306
tracking.crazyegg.com — Cisco Umbrella Rank: 4181
37 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
6 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
2 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 871
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
349 KB
3 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1555
sync.intentiq.com
3 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 6258
978 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
1 KB
2 thrtle.com
thrtle.com
686 B
2 everesttech.net
sync-tm.everesttech.net
789 B
2 connatix.com
capi.connatix.com
524 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
1 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2235
553 B
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
802 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
1 KB
2 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7333
648 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
1 KB
2 demdex.net
scotiabank.demdex.net — Cisco Umbrella Rank: 66690
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 media.net
cs.media.net — Cisco Umbrella Rank: 1236
2 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
515 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 869
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 681
script.hotjar.com — Cisco Umbrella Rank: 996
60 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
95 KB
1 turn.com
ad.turn.com
518 B
1 ipredictive.com
sync.ipredictive.com
554 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
359 B
1 yahoo.net
hb.yahoo.net
650 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
556 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
517 B
1 ck-ie.com
us.ck-ie.com
432 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
512 B
1 temu.com
www.temu.com — Cisco Umbrella Rank: 2985
516 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7787
417 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
35 B
1 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940
279 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
361 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
437 B
1 cookie-script.com
geo.cookie-script.com — Cisco Umbrella Rank: 35705
30 KB
233 63
Domain Requested by
37 static.tuasaude.com www.tuasaude.com
static.tuasaude.com
24 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
ssum-sec.casalemedia.com
u.openx.net
bh.contextweb.com
ads.pubmatic.com
ce.lijit.com
23 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
u.openx.net
s.amazon-adsystem.com
19 s0.2mdn.net www.tuasaude.com
s0.2mdn.net
12 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 pagead2.googlesyndication.com www.tuasaude.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
www.googletagservices.com
8 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 match.adsrvr.org 7 redirects
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
7 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
s.amazon-adsystem.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
6 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
5 x.bidswitch.net 5 redirects
5 ups.analytics.yahoo.com 5 redirects
4 simage2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
4 pixel.tapad.com 3 redirects s.amazon-adsystem.com
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
u.openx.net
s.amazon-adsystem.com
4 tpc.googlesyndication.com www.tuasaude.com
tpc.googlesyndication.com
4 ct.pinterest.com s.pinimg.com
www.tuasaude.com
4 analytics.google.com www.googletagmanager.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 www.googletagmanager.com www.tuasaude.com
www.googletagmanager.com
3 image2.pubmatic.com s.amazon-adsystem.com
3 us-u.openx.net u.openx.net
s.amazon-adsystem.com
3 an.yandex.ru 2 redirects cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
3 eb2.3lift.com 2 redirects s.amazon-adsystem.com
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.tuasaude.com
c.amazon-adsystem.com
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 match.prod.bidr.io 2 redirects ads.pubmatic.com
2 sync-dmp.mobtrakk.com 2 redirects
2 cs.krushmedia.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 api.intentiq.com 1 redirects ssum-sec.casalemedia.com
2 i.liadm.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ad.doubleclick.net www.tuasaude.com
2 scotiabank.demdex.net 1 redirects cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
2 b1sync.zemanta.com 2 redirects
2 um.simpli.fi 2 redirects
2 cs.media.net 2 redirects
2 cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net www.tuasaude.com
2 www.google.com 1 redirects www.tuasaude.com
2 www.google.ca www.tuasaude.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s.pinimg.com www.tuasaude.com
s.pinimg.com
2 www.googletagservices.com www.tuasaude.com
1 ad.turn.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com s.amazon-adsystem.com
1 sync.bfmio.com s.amazon-adsystem.com
1 crb.kargo.com s.amazon-adsystem.com
1 simage4.pubmatic.com ads.pubmatic.com
1 hb.yahoo.net s.amazon-adsystem.com
1 sync.intentiq.com s.amazon-adsystem.com
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 us.ck-ie.com ce.lijit.com
1 pixel-eu.rubiconproject.com 1 redirects
1 us01.z.antigena.com s.amazon-adsystem.com
1 sync.srv.stackadapt.com 1 redirects
1 cms.quantserve.com 1 redirects
1 secure.adnxs.com 1 redirects
1 he.lijit.com 1 redirects
1 www.temu.com 1 redirects
1 cc.adingo.jp 1 redirects
1 rtb.adentifi.com cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
1 s.tribalfusion.com cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 ap.lijit.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 trace.mediago.io 1 redirects
1 s.ad.smaato.net 1 redirects
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 geo.cookie-script.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 static.hotjar.com www.tuasaude.com
1 www.tuasaude.com
1 tuasaude.com 1 redirects
233 98
Subject Issuer Validity Valid
www.tuasaude.com
R3
2024-01-08 -
2024-04-07
3 months crt.sh
static.tuasaude.com
R3
2024-01-15 -
2024-04-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
*.cookie-script.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-11 -
2024-07-25
10 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-09 -
2024-03-08
a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.google.ca
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-01 -
2024-12-21
a year crt.sh
crazyegg.com
Amazon RSA 2048 M02
2023-05-28 -
2024-06-26
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
www.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-10 -
2024-05-09
a year crt.sh
*.lijit.com
Amazon RSA 2048 M02
2023-03-12 -
2024-04-10
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-01-10 -
2024-06-26
6 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA
2023-04-03 -
2024-04-02
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-13 -
2024-12-22
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03
2023-12-11 -
2025-01-08
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh

This page contains 25 frames:

Primary Page: https://www.tuasaude.com/
Frame ID: 267308842305FB289FED878C39C41FEA
Requests: 93 HTTP requests in this frame

Frame: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F3064A2A6272328D3572B7EB24293A2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
Frame ID: 3C67D6927C8D00AB6F619DF0940FD07A
Requests: 1 HTTP requests in this frame

Frame: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8180D9D77CD48092BEA42660AA42F23E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y2rP45wEwAQ&v=APEucNXaZSDad_Jn8xCm1FBpE1390HiZkeetfPO3CCMJW4VEskVYxZNxNQPQH-Waytv8EEAChxkokGl7Gyg45YNTTjd8r3G1mWZgnmN4WFOcBuOjNmmfyU8
Frame ID: EFE17D9C78B162E516389AAE83623346
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 6D5F206B7D456901DCB1BC15D7FFFBF3
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 93EC64D341FF387B19ABFD27FF7BFCB2
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 836BA35BA32CEFCE997019EF39BF6FBC
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: D0C8E53C316FFC4767634460A48270CC
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 4F88802199592399785C146BA2BC9462
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4248769777910856124&gdpr=0&gdpr_consent=
Frame ID: A8B98DA75D0F0AEEA7A648356FA6FED7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: E882F387F5F42C2748C7FEEAFB533789
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: A91577D51D79FCAE812650444D8A90AA
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: CE46E6BC8AA709AF09B3AE1F511BEFE0
Requests: 20 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 710B1780644369BB3E8A3399FD7DEBE9
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RaHQwaUlaRTJ1S1BsemV4ckhjVTdRVzlXZmtFcy5qVn5B
Frame ID: 93C67B8C2EA72119D6AEA29DE0636B6B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 41EF7E3D3C99B5D36BE82B8D2A040CD1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2FBFE61BE499F393164DD8CD4DB1F324
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Frame ID: A157AAEB55F3C6A10EFBF5CE4C4DA5E6
Requests: 18 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 3B908082A561ED1DC25AC2D34336DEFC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
Frame ID: A8569AFA50C98BDDC4B6E80F20B28036
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=525832562408744480&gdpr=0&gdpr_consent=
Frame ID: D0BECF412DB08074F0D343BC21218481
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
Frame ID: D1E0C1A5D3991D45411536D472DCB006
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbtkbAABn5lYuwAg
Frame ID: 1F3DBF7BA3CE3D2DD6009BDF0EE98CDF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
Frame ID: 995B471E63DD427C1C89AE18CD00FBA7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Tua Saúde - Informação de confiança sobre saúde, nutrição e bem estar

Page URL History Show full URLs

  1. http://tuasaude.com/ HTTP 307
    https://tuasaude.com/ HTTP 301
    https://www.tuasaude.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

233
Requests

72 %
HTTPS

29 %
IPv6

63
Domains

98
Subdomains

62
IPs

7
Countries

3306 kB
Transfer

6395 kB
Size

117
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tuasaude.com/ HTTP 307
    https://tuasaude.com/ HTTP 301
    https://www.tuasaude.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://www.google.com/pagead/landing?gcs=G111&gcd=11t1t1p1p5&rnd=1524970577.1706779750&url=https%3A%2F%2Fwww.tuasaude.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He41v0n81N8S2MQMv866807259&auid=2091443743.1706779750 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1p1p5&rnd=1524970577.1706779750&url=https%3A%2F%2Fwww.tuasaude.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He41v0n81N8S2MQMv866807259&auid=2091443743.1706779750
Request Chain 75
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1&gdpr=0&C=1
Request Chain 102
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbtkac1Plc2O5cB5psyuJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEA7kjea_vtaOWBl0M8uJ48I&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA7kjea_vtaOWBl0M8uJ48I%26google_cver%3D1
Request Chain 104
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MzQ1NjMwOTU2NTI4MTEx
Request Chain 105
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3497813537034054000V10
Request Chain 106
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7610120411
Request Chain 107
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=49BAECB5249A4B74B3D94B2820C391F5&ex=simpli.fi&status=ok
Request Chain 108
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e581e03f12x7ikv00ls30lhwt
Request Chain 109
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=nwi0pDfVBtfy8QsdOEzQ
Request Chain 110
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 111
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 112
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4248769777910856124&gdpr=0&gdpr_consent=
Request Chain 116
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 117
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RaHQwaUlaRTJ1S1BsemV4ckhjVTdRVzlXZmtFcy5qVn5B
Request Chain 118
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 119
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEErqBvbD-gfkeVwGYPY4Swc&google_cver=1&google_push=AXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEErqBvbD-gfkeVwGYPY4Swc&google_cver=1&google_push=AXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 121
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBXwr76mZm8kxsmG_bEWXJQ&google_cver=1&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuETm HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuETm&google_gid=CAESEBXwr76mZm8kxsmG_bEWXJQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIyOTk0NDIwNzgyNjM1MzE4MjAx&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuETm
Request Chain 122
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDtxucwYEgvqjibfZZpS5l0&google_cver=1&google_push=AXcoOmSYpqi9cd2tkVN0_5TKDo5zchthsfNvDlJagUBN-Udfty3wgAlYcgx9hBKdR17ooLWCf2yVjZCQ33mjzHYyJKu1ZrsI1LKi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&mn_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSYpqi9cd2tkVN0_5TKDo5zchthsfNvDlJagUBN-Udfty3wgAlYcgx9hBKdR17ooLWCf2yVjZCQ33mjzHYyJKu1ZrsI1LKi&gdpr=&gdpr_consent=
Request Chain 123
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEBVVex3jfMryvpEhONrvKpI&google_cver=1&google_push=AXcoOmT5G7STsJ36yyEn5fXETOUotIQkwascvwO32dzr4k5xJr_fOtrocktsAtnoFNNFcsY8fAT4rUZsZUhzLsdK66NJt6uCjy8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5G7STsJ36yyEn5fXETOUotIQkwascvwO32dzr4k5xJr_fOtrocktsAtnoFNNFcsY8fAT4rUZsZUhzLsdK66NJt6uCjy8&google_hm=d1cdb0c5e8de4f778d96474084289ab9
Request Chain 124
  • https://an.yandex.ru/mapuid/google/CAESEBVSoL8pPb0sb6v19v6Zdas?ext-param=AXcoOmRBLj4z0Id3eU_VSehUwdUr1eUykgJKRSU4VQvZ8wyj-C3e0hYXuvzZcbP-IubwT2vM1El3JmGc_NWRer7er4HhQq0RQA8Z3A&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEBVSoL8pPb0sb6v19v6Zdas?redir-setuniq=1&ext-param=AXcoOmRBLj4z0Id3eU_VSehUwdUr1eUykgJKRSU4VQvZ8wyj-C3e0hYXuvzZcbP-IubwT2vM1El3JmGc_NWRer7er4HhQq0RQA8Z3A&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBVSoL8pPb0sb6v19v6Zdas&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 125
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESENAjhNdZ0errNViybgJIHGY&google_cver=1&google_push=AXcoOmRjOZ8tR8dyLe-TrpcigZTZhD7orozHOXzyrdtdSZYREPmq6sGy9P2NNKQfG5MgWnYf0b5InVxfbrXxmEqV7rBa6YGW_VYFkw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRjOZ8tR8dyLe-TrpcigZTZhD7orozHOXzyrdtdSZYREPmq6sGy9P2NNKQfG5MgWnYf0b5InVxfbrXxmEqV7rBa6YGW_VYFkw
Request Chain 133
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668 HTTP 302
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668
Request Chain 140
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OTRlMmY1MjktNGY1MC00MGMzLWIwNzUtZmI5YTE1OWNmYTk5 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 142
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=49f87a43-78fa-092d-149a-1ea19858fb7c
Request Chain 143
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=94e2f529-4f50-40c3-b075-fb9a159cfa99&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=94e2f529-4f50-40c3-b075-fb9a159cfa99&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sharethrough&bsw_param=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&google_hm=MmE2NmM2MWMtMmRiMy00YjlmLTg0ODMtYzI5MmViNWNjODJh&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEA9hf1WWuXlLCgUgMlblF6U&google_cver=1&ssp=sharethrough&bsw_param=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 147
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&expiration=1709371753&gdpr=0&gdpr_consent=
Request Chain 148
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZbtkaF9CnZ6y1.4kVLU8egAA%263809&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZbtkaF9CnZ6y1.4kVLU8egAA%263809&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1157609403214f4db7a9111a8604c80b HTTP 303
  • https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=c8ab20e8d968bc912f3965a8327879c8&lc_sha1=a157568fff57e49c6d1502661b07b920b71f9506&lc_sha256=203dda47d3eaced2b662e5f4f7a25ed70d18795c80515a0a7aa5e4c7f97386b5&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&gpdr= HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=c8ab20e8d968bc912f3965a8327879c8&pt=1&dpn=2248&dpt=a157568fff57e49c6d1502661b07b920b71f9506&pt=1&dpn=2270&dpt=203dda47d3eaced2b662e5f4f7a25ed70d18795c80515a0a7aa5e4c7f97386b5&pcid=IFo5APZHuBsBWGRkR42ZdOx3 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=c8ab20e8d968bc912f3965a8327879c8&pt=1&dpn=2248&dpt=a157568fff57e49c6d1502661b07b920b71f9506&pt=1&dpn=2270&dpt=203dda47d3eaced2b662e5f4f7a25ed70d18795c80515a0a7aa5e4c7f97386b5&pcid=IFo5APZHuBsBWGRkR42ZdOx3&ckls=true&ci=T2Wl4nxbnE&nc=false&trid=52314636-278b-457f-9161-682958068472
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZbtkaF9CnZ6y1-4kVLU8egAADuEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC9cH1yPk0wYNoVEPMVoP48&google_cver=1
Request Chain 150
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=525832562408744480
Request Chain 152
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=THuLu0x63-BXKtvvT3vE6hl52-hXL43rSywWoUiG
Request Chain 153
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=eWKhpx5YUWtHALyFbQLb_aYAzQQ
Request Chain 158
  • https://match.adsrvr.org/track/cmf/openx?oxid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0&gdpr_consent=
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJy6gLx5UyTF06bqqhAf1xA&google_cver=1
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=WEJRTGNTRkVPMXJGdjI5d0lBRUlUQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDSBYiq76fhpi8qDffnCpfM&google_cver=1
Request Chain 179
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=5a200f0083a1162&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAG71FAtdubuwNZvvU0AAAAAAA&expiration=1706866154&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 180
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr_in_effect=0&gdpr_consent=
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C13SF7H7S6OPP7j2SxY2ng%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 188
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2d811491-3403-4dc5-9367-a948602b734a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=2d811491-3403-4dc5-9367-a948602b734a%2C%2C
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEI1REQyMTctQjFGQi00QkEzLThGM0YtQjhGNjRCMTYzNjlF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVekcuTpBc-lgfGWfaj5A8&google_cver=1
Request Chain 193
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:49BAECB5249A4B74B3D94B2820C391F5
Request Chain 194
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
Request Chain 197
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=525832562408744480&gdpr=0&gdpr_consent=
Request Chain 198
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=aea435a7-180a-4199-bdf7-aedae9b0669c
Request Chain 199
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=sWhHaNZoZyfL&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 200
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LS30LJR6-1Z-BJML&gdpr=0
Request Chain 201
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=krushmedia&user_id=52cd0cb0-9f66-5a9e-bc72-ec6f5759964b HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=krushmedia&bsw=2a66c61c-2db3-4b9f-8483-c292eb5cc82a HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=krushmedia&bsw=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NjJmOTRmNjE2Njg5NTZkYw&gdpr=&gdpr_consent=&us_privacy=&ssp=krushmedia&bsw_param=2a66c61c-2db3-4b9f-8483-c292eb5cc82a HTTP 302
  • https://cs.krushmedia.com/e08dd6156d5e964da4fe396e97a25abc.gif?puid=2a66c61c-2db3-4b9f-8483-c292eb5cc82a HTTP 302
  • https://us.ck-ie.com/krshme82.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=52cd0cb0-9f66-5a9e-bc72-ec6f5759964b
Request Chain 202
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LS30LJAZ-1F-7RX9 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
Request Chain 203
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS30LJAZ-1F-7RX9
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aBsfFVHZTKywTpLXEL9Slg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aBsfFVHZTKywTpLXEL9Slg
Request Chain 205
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SfC2UFO98nB8S4zJk93gtcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1Hezxs5E2oLaQRA60Ae571BY7SCP_Zt.TjfRww--~A
Request Chain 206
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=&expires=30
Request Chain 207
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxODc1NzIyNjFiMmI3ZDA1YzdlMWFkNTU3MmM3MDUwZTNkOTY5OA
Request Chain 208
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDZxinx0GjO0hlrVX_7xBCI&google_cver=1
Request Chain 211
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMzMExKQVotMUYtN1JYOQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENu0eAdUiS28cKsF02ONE5A&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMzMExKUjYtMVotQkpNTA==&google_push=
Request Chain 212
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADWmU7LdskAABMbCN2CHw&expires=30
Request Chain 213
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS30LJAZ-1F-7RX9 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS30LJAZ-1F-7RX9
Request Chain 214
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS30LJR6-1Z-BJML&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS30LJR6-1Z-BJML&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1hQzY2bnA5RTJ1RXpIZDFjblVCWTJqNnRiZUFfT2pweH5B&ovsid=LS30LJR6-1Z-BJML&dpid=58160
Request Chain 215
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS30LJR6-1Z-BJML&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS30LJR6-1Z-BJML&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS30LJAZ-1F-7RX9
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LS30LJAZ-1F-7RX9
Request Chain 218
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS30LJAZ-1F-7RX9
Request Chain 221
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=525832562408744480&gdpr=0&gdpr_consent=
Request Chain 222
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEV21VN0xkc2tBQUJNYkNOMkNIdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AADWmU7LdskAABMbCN2CHw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
Request Chain 223
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbtkbAABn5lYuwAg
Request Chain 225
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3ba50b95-95ad-4ce1-bfa3-6e5593618ddc
Request Chain 229
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Bp_PKgJE2uUmQKesg.fUNZkkcftZ0cE-~A&gdpr=0
Request Chain 230
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2f15aa26-92b4-4adc-a698-dbc5c1764a93&gdpr=0&gdpr_consent=
Request Chain 231
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8820268196091734302&gdpr=0&gdpr_consent=&us_privacy=

233 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tuasaude.com/
Redirect Chain
  • http://tuasaude.com/
  • https://tuasaude.com/
  • https://www.tuasaude.com/
141 KB
22 KB
Document
General
Full URL
https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:5300:203:437:: , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
382b24ad719e3498fbfa6097e755f424f2a54c3ec3dd779802e76fa07c1360f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
cache-control
s-max-age=7200, stale-while-revalidate=2592000
content-encoding
gzip
content-length
22025
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 09:29:07 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
X-User-Agent-Mobile,X-User-Agent-Facebook,X-Requested-With,Spa,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge

Redirect headers

cache-control
max-age=0
content-length
233
content-type
text/html; charset=iso-8859-1
date
Thu, 01 Feb 2024 09:29:07 GMT
location
https://www.tuasaude.com/
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
User-Agent
x-frame-options
ALLOWALL SAMEORIGIN
styles.min.css
static.tuasaude.com/resources/harmony/css/
330 KB
51 KB
Stylesheet
General
Full URL
https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
b8e0f1aa064e3b0bbfeee299209852b47bc75ffda2deb453591da930b3c8f8a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
1068
cdn-cachedat
01/31/2024 11:25:37
cdn-pullzone
113777
last-modified
Wed, 31 Jan 2024 11:25:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
x-frame-options
ALLOWALL, SAMEORIGIN
content-type
text/css; charset=utf-8
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
cdn-requestid
e838cbbd3ab6f0b17911acbe549ea7a9
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
logo-group-rdor-white.png
static.tuasaude.com/layout/harmony/img/
4 KB
5 KB
Image
General
Full URL
https://static.tuasaude.com/layout/harmony/img/logo-group-rdor-white.png
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
590ec920f36aa1901c72013f82a86891dcf6584db069e3900104456f0f9ae1d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
6615
cdn-edgestorageid
940
x-bo-processingtime
0
cdn-cachedat
10/31/2023 19:15:06
cdn-pullzone
113777
content-length
4194
x-bo-server
LA-221
last-modified
Tue, 31 Oct 2023 19:15:06 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
69
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
36.6%
cdn-requestid
7b24b0f2e9e8eeff96fc4ca5f3075b7b
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
logo-tuasaude.png
static.tuasaude.com/layout/harmony/img/
2 KB
2 KB
Image
General
Full URL
https://static.tuasaude.com/layout/harmony/img/logo-tuasaude.png
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
6672c66da37c824863f5c87967540777ffc1043f7c9f4aa49c4605cb0e98fa87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
2117
cdn-edgestorageid
845
x-bo-processingtime
0
cdn-cachedat
10/31/2023 18:51:40
cdn-pullzone
113777
content-length
1694
x-bo-server
LA-236
last-modified
Tue, 31 Oct 2023 18:51:40 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
69
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
19.98%
cdn-requestid
6c5cb5eb45b1aae9e3759b86d38aba62
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
dengue_63752_l.webp
static.tuasaude.com/media/article/pc/dw/
20 KB
20 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/pc/dw/dengue_63752_l.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
33ede053d1bfa921c3b4fc4fe6aff4e660632b8f008cbae4c09997f94e82e7a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
19546
cdn-edgestorageid
940
x-bo-processingtime
2
cdn-cachedat
12/04/2023 14:48:02
cdn-pullzone
113777
content-length
20466
x-bo-server
LA-237
last-modified
Mon, 04 Dec 2023 14:48:02 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
68
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
0%
cdn-requestid
541676cbded86a115f606d02ca427596
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
leucemia-mieloide-aguda_38311_l.webp
static.tuasaude.com/media/article/vt/wq/
19 KB
19 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/vt/wq/leucemia-mieloide-aguda_38311_l.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
7611d2c5603f8d7109b7af8494acbe4b7a47351494046907088e73fbd9cd0afc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
18158
cdn-edgestorageid
845
x-bo-processingtime
2
cdn-cachedat
01/29/2024 14:58:41
cdn-pullzone
113777
content-length
19388
x-bo-server
LA-244
last-modified
Mon, 29 Jan 2024 14:58:41 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
69
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
0%
cdn-requestid
ed669aff000e74b9dc3499430970f5d7
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
rdor-multiple-doctors-badge.png
static.tuasaude.com/layout/harmony/img/
1 KB
2 KB
Image
General
Full URL
https://static.tuasaude.com/layout/harmony/img/rdor-multiple-doctors-badge.png
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
51c26a4edf83b71291b96f28986daca11436ea7bcb5fa634dc8e306eb85bf2bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
3055
cdn-edgestorageid
1068
x-bo-processingtime
0
cdn-cachedat
08/31/2023 17:28:26
cdn-pullzone
113777
content-length
1190
x-bo-server
LA-244
last-modified
Thu, 31 Aug 2023 17:28:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
71
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
61.05%
cdn-requestid
aa1851a62a57fb8c046d0d7efce3ae6c
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
rdor-multiple-insurances-badge.png
static.tuasaude.com/layout/harmony/img/
1 KB
2 KB
Image
General
Full URL
https://static.tuasaude.com/layout/harmony/img/rdor-multiple-insurances-badge.png
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
93bdb3f5a6a46c705613077b00b0fa5bd61898c8e84949fc65eb70d4c07281b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
2007
cdn-edgestorageid
1070
x-bo-processingtime
0
cdn-cachedat
08/31/2023 17:28:27
cdn-pullzone
113777
content-length
1218
x-bo-server
LA-240
last-modified
Thu, 31 Aug 2023 17:28:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
71
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
39.31%
cdn-requestid
339ef70c8401a76826bd43197a714eca
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
logo-tuasaude-rdor-white.png
static.tuasaude.com/layout/harmony/img/
1 KB
2 KB
Image
General
Full URL
https://static.tuasaude.com/layout/harmony/img/logo-tuasaude-rdor-white.png?x=1
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
974e7726b5f9671b9a1bdb1c14e9cc52f41f12d5a7adb35aa2547ecc3b120fd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
2453
cdn-edgestorageid
871
x-bo-processingtime
0
cdn-cachedat
08/12/2023 18:26:01
cdn-pullzone
113777
content-length
1514
x-bo-server
LA-244
last-modified
Sat, 12 Aug 2023 18:26:00 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
75
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
38.28%
cdn-requestid
86f9e1a0dad5b579b376bd0cec63d52f
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
banner-find-doctor-woman-full.png
static.tuasaude.com/layout/harmony/img/
25 KB
25 KB
Image
General
Full URL
https://static.tuasaude.com/layout/harmony/img/banner-find-doctor-woman-full.png?x=5
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
82d4ec3522b13392f7ec804249564b8c72704d0ffe94ceb7b2d056b5d67cec27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
201624
cdn-edgestorageid
718
x-bo-processingtime
2
cdn-cachedat
01/08/2024 11:39:31
cdn-pullzone
113777
content-length
25608
x-bo-server
LA-244
last-modified
Mon, 08 Jan 2024 11:39:31 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
87.3%
cdn-requestid
441ad52ecbdb6f6df41d30e22f695746
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
scripts.min.js
static.tuasaude.com/resources/harmony/js/
128 KB
33 KB
Script
General
Full URL
https://static.tuasaude.com/resources/harmony/js/scripts.min.js?v=1654
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
6d8ad294d31414d322c34bc442f77da851847ebd0a44b5d867e06358783d5653
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
1068
cdn-cachedat
01/31/2024 11:25:37
cdn-pullzone
113777
last-modified
Wed, 31 Jan 2024 11:25:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
x-frame-options
ALLOWALL, SAMEORIGIN
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
cdn-requestid
72d48eeb5f45b934bb1b74d526a949c2
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
gpt.js
www.googletagservices.com/tag/js/
98 KB
30 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ca974f6ef834764cabf96a57be6a0a2c73ecc84aec3f65e4042535ccb9fe62a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29768
x-xss-protection
0
server
cafe
etag
703 / 19754 / m202401250101 / config-hash: 12567613332308686594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 09:29:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/
283 KB
71 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.49.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-49-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:37:39 GMT
content-encoding
gzip
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront), 1.1 266cd0ca40a2604d8ba51f8173b83662.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-C2
age
3091
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
H0IPTmUgOPnzh4bmp6y8bEFlkf9BgsYk5cc2tJDjj8Nzk_tiir8pKw==
ts.woff2
static.tuasaude.com/resources/harmony/fonts/
9 KB
10 KB
Font
General
Full URL
https://static.tuasaude.com/resources/harmony/fonts/ts.woff2?v=2024-01-30
Requested by
Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
df6083bf3cb678020b164c4604c4022c7477463f5d7d04f791d696a3cf947cbc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL, SAMEORIGIN

Request headers

Referer
https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Origin
https://www.tuasaude.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1069
cdn-cachedat
01/31/2024 11:25:38
cdn-pullzone
113777
content-length
9136
last-modified
Wed, 31 Jan 2024 11:25:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
206
x-frame-options
ALLOWALL, SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5f69fed21f033146db9b0ff1965044c1
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Rubik-Medium.ttf
static.tuasaude.com/fonts/harmony/
122 KB
62 KB
Font
General
Full URL
https://static.tuasaude.com/fonts/harmony/Rubik-Medium.ttf
Requested by
Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
df17aec2792d6f1fd1772dbfc95577c98f2bcac431441afad7720b6fe6a44ae4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Origin
https://www.tuasaude.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cdn-edgestorageid
941
cdn-cachedat
12/28/2023 20:23:25
cdn-pullzone
113777
last-modified
Fri, 24 Feb 2023 16:55:22 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a7a98660fa151ea53777a2654aab2afb
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Rubik-SemiBold.ttf
static.tuasaude.com/fonts/harmony/
122 KB
62 KB
Font
General
Full URL
https://static.tuasaude.com/fonts/harmony/Rubik-SemiBold.ttf
Requested by
Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
029548e6933ae9083b9be422ed6f21b9c6f492d7f1649df1b04a6fbd64f9e425
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Origin
https://www.tuasaude.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cdn-edgestorageid
1069
cdn-cachedat
10/31/2023 19:42:00
cdn-pullzone
113777
last-modified
Fri, 24 Feb 2023 16:55:22 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8dac4accc10a17c0235dfce61df19740
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Rubik-Regular.ttf
static.tuasaude.com/fonts/harmony/
122 KB
62 KB
Font
General
Full URL
https://static.tuasaude.com/fonts/harmony/Rubik-Regular.ttf
Requested by
Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
6130b0b996b9206b3a3a3882177a56f3b11aa70074feb1a6a9367539bccbfee6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.tuasaude.com/resources/harmony/css/styles.min.css?v=1654
Origin
https://www.tuasaude.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cdn-edgestorageid
1069
cdn-cachedat
12/12/2023 23:11:05
cdn-pullzone
113777
last-modified
Fri, 24 Feb 2023 16:55:22 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
44aedd2fa15c16c4654e19bbb3784094
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
vacina-contra-dengue_15108_m.webp
static.tuasaude.com/media/article/jz/ul/
11 KB
11 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/jz/ul/vacina-contra-dengue_15108_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
ed145e651386bef987a862bb9cef6e110decf46bc12e00d0e1298c31672113bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
10950
cdn-edgestorageid
718
x-bo-processingtime
1
cdn-cachedat
01/28/2024 16:56:41
cdn-pullzone
113777
content-length
10836
x-bo-server
LA-236
last-modified
Sun, 28 Jan 2024 16:56:41 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
69
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
1.04%
cdn-requestid
e450387ea5f4461722b97befef456514
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
sintomas-da-compulsao-alimentar_55319_m.webp
static.tuasaude.com/media/article/es/vm/
9 KB
9 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/es/vm/sintomas-da-compulsao-alimentar_55319_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
ec60bd8c0ab96c9df66c498adc2c85dec31f9e076d988dc76db98684c32c73a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
9074
cdn-edgestorageid
1070
x-bo-processingtime
0
cdn-cachedat
01/23/2024 01:46:52
cdn-pullzone
113777
content-length
8928
x-bo-server
LA-244
last-modified
Tue, 23 Jan 2024 01:46:52 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
1.61%
cdn-requestid
13a0382eca22f1de014de8e2c496052e
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
camisinha_15668_m.webp
static.tuasaude.com/media/article/tp/6h/
17 KB
18 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/tp/6h/camisinha_15668_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
4f0774541d8c5075dfef4b5d9c5a9781dee68fb8452ecd9e3b36ba774ca1a590

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
18188
cdn-edgestorageid
1067
x-bo-processingtime
1
cdn-cachedat
01/23/2024 10:14:39
cdn-pullzone
113777
content-length
17734
x-bo-server
LA-241
last-modified
Tue, 23 Jan 2024 10:14:39 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
90
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
2.5%
cdn-requestid
6eef0a3fa4d0b8f9b8b48298fcd25341
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
neurite-optica_29629_m.webp
static.tuasaude.com/media/article/qz/vx/
8 KB
8 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/qz/vx/neurite-optica_29629_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
bedfa12913a6487557445a837e0b2711473b76c454614371985251fcfec6ce13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
7322
cdn-edgestorageid
1067
x-bo-processingtime
0
cdn-cachedat
01/30/2024 15:22:15
cdn-pullzone
113777
content-length
7888
x-bo-server
LA-241
last-modified
Tue, 30 Jan 2024 15:22:15 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
0%
cdn-requestid
e4def03fe7807d0fe64c8bfeddac0cfe
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
657c77cc59e2e.jpg
static.tuasaude.com/media/theme/ju/tl/
219 KB
219 KB
Image
General
Full URL
https://static.tuasaude.com/media/theme/ju/tl/657c77cc59e2e.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
b4289fc38477e0b9a16f4f7fa3c6a2cfef39bcb6f09d163f4150f8c09400dbd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
818629
cdn-edgestorageid
941
x-bo-processingtime
16
cdn-cachedat
12/15/2023 16:02:25
cdn-pullzone
113777
content-length
223794
x-bo-server
LA-237
last-modified
Fri, 15 Dec 2023 16:02:24 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
141
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
72.66%
cdn-requestid
88bde415b98ebf55f2d1d819b453cf7c
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
657c7caadab2e.jpg
static.tuasaude.com/media/theme/mr/kd/
374 KB
374 KB
Image
General
Full URL
https://static.tuasaude.com/media/theme/mr/kd/657c7caadab2e.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
ca3d2caaa7e2036445ed39e948a6f1e7e4aebcaeab56cacf632c07d991f97a59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
1220276
cdn-edgestorageid
940
x-bo-processingtime
16
cdn-cachedat
12/15/2023 16:21:43
cdn-pullzone
113777
content-length
382778
x-bo-server
LA-241
last-modified
Fri, 15 Dec 2023 16:21:43 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
209
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
68.63%
cdn-requestid
0d71d45f38b0d5dca6b6e30460b873cb
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
657c7d3f0bbb8.jpg
static.tuasaude.com/media/theme/kl/if/
245 KB
246 KB
Image
General
Full URL
https://static.tuasaude.com/media/theme/kl/if/657c7d3f0bbb8.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
3655530d4f9d9fd5a26b438174ae835607e9f8b5a037a0030d76090565517f26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
858425
cdn-edgestorageid
845
x-bo-processingtime
14
cdn-cachedat
12/18/2023 00:39:03
cdn-pullzone
113777
content-length
250802
x-bo-server
LA-240
last-modified
Mon, 18 Dec 2023 00:39:03 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
143
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
70.78%
cdn-requestid
647c0bf6d816b211ddb1d8419793d1cc
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
657c7d6bab7dd.jpg
static.tuasaude.com/media/theme/mf/jw/
328 KB
328 KB
Image
General
Full URL
https://static.tuasaude.com/media/theme/mf/jw/657c7d6bab7dd.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
d0a9573ec0ff3170d5c1823ace7d1e4da3a9ead553899bac177f5765672a7517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
1038168
cdn-edgestorageid
1069
x-bo-processingtime
14
cdn-cachedat
12/15/2023 16:23:26
cdn-pullzone
113777
content-length
335544
x-bo-server
LA-241
last-modified
Fri, 15 Dec 2023 16:23:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
144
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
67.68%
cdn-requestid
343e6fe325edbd1f0d11eb24e73b5aa9
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
misoprostol-cytotec_16215_m.webp
static.tuasaude.com/media/article/ij/ro/
4 KB
5 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/ij/ro/misoprostol-cytotec_16215_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
00e766390b8dac53213575375ac0a9d5d2db8de96af998570b7c82b276ea4666

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
4444
cdn-edgestorageid
941
x-bo-processingtime
0
cdn-cachedat
01/29/2024 01:27:52
cdn-pullzone
113777
content-length
4338
x-bo-server
LA-240
last-modified
Mon, 29 Jan 2024 01:27:52 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
69
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
2.39%
cdn-requestid
ac54c75cdd579f292ba8265dbe03eef9
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
como-calcular-imc-infantil_4024_m.webp
static.tuasaude.com/media/article/p5/o4/
14 KB
14 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/p5/o4/como-calcular-imc-infantil_4024_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
36eca59a20fd826ca7e79c3a4c51de839b9e5b774b6f6662d6e2c53fb3b5b18f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
14500
cdn-edgestorageid
1069
x-bo-processingtime
1
cdn-cachedat
01/30/2024 11:53:20
cdn-pullzone
113777
content-length
14024
x-bo-server
LA-221
last-modified
Tue, 30 Jan 2024 11:53:20 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
86
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
3.28%
cdn-requestid
44b0ffc4f8bfc8a32a00fd5f33f9938e
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
proteina-c-reativa_22203_m.webp
static.tuasaude.com/media/article/bc/ca/
8 KB
9 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/bc/ca/proteina-c-reativa_22203_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
0db140656425451b7a0dc41ba473789d24ef841fcfb3dd3768d4e66be077ad4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
8456
cdn-edgestorageid
871
x-bo-processingtime
0
cdn-cachedat
02/01/2024 03:25:01
cdn-pullzone
113777
content-length
8274
x-bo-server
LA-244
last-modified
Thu, 01 Feb 2024 03:25:01 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
71
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
2.15%
cdn-requestid
83e4601947437eaa8134e417384d5963
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
como-calcular-o-gasto-calorico_25184_m.webp
static.tuasaude.com/media/article/ny/hp/
14 KB
14 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/ny/hp/como-calcular-o-gasto-calorico_25184_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
5375d866257acc6b4eefbc17a3dff56e6533f4666d1ddf82bd41da0873c8d179

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
14486
cdn-edgestorageid
940
x-bo-processingtime
1
cdn-cachedat
01/03/2024 09:39:26
cdn-pullzone
113777
content-length
14188
x-bo-server
LA-242
last-modified
Wed, 03 Jan 2024 09:39:26 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
72
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
2.06%
cdn-requestid
25496b4ae1829f10ea8bf86053980fa4
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
tabela-para-saber-o-sexo-do-bebe_60834_m.webp
static.tuasaude.com/media/article/xg/tq/
14 KB
14 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/xg/tq/tabela-para-saber-o-sexo-do-bebe_60834_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
73580c7d0159344bf2d1ef7474a9e961996f4aab94b38f28f84c0024a8440d56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
14460
cdn-edgestorageid
941
x-bo-processingtime
1
cdn-cachedat
02/01/2024 04:58:57
cdn-pullzone
113777
content-length
14214
x-bo-server
LA-221
last-modified
Thu, 01 Feb 2024 04:58:57 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
1.7%
cdn-requestid
4fd41c8e2512c13b7d787df6c2917225
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
remedios-para-vermes_24835_m.webp
static.tuasaude.com/media/article/cw/gm/
7 KB
7 KB
Image
General
Full URL
https://static.tuasaude.com/media/article/cw/gm/remedios-para-vermes_24835_m.webp
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
04473f08a550c0b8b92ea45ea1007d2a5c47d9a11c80d0091eb55983ad6143d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
7362
cdn-edgestorageid
718
x-bo-processingtime
0
cdn-cachedat
04/10/2023 12:37:30
cdn-pullzone
113777
content-length
7192
x-bo-server
LA-242
last-modified
Mon, 10 Apr 2023 12:37:30 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
67
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
2.31%
cdn-requestid
e9c5f5e15ac8407deea8ce49625a3773
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
original.png
static.tuasaude.com/media/topic_subject_element/tz/sh/65a13a0b67c08/
36 KB
36 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/tz/sh/65a13a0b67c08/original.png
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
aa2bab1d6453ef28754df24807c2d48cd309f311a30d609d9123644e502f8046

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
105300
cdn-edgestorageid
1067
x-bo-processingtime
7
cdn-cachedat
01/12/2024 13:23:57
cdn-pullzone
113777
content-length
36408
x-bo-server
LA-221
last-modified
Fri, 12 Jan 2024 13:23:57 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
75
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
65.42%
cdn-requestid
d142cb6b16be1a75c27f8e89133b1c87
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
l.jpg
static.tuasaude.com/media/topic_subject_element/dl/ye/63f5e2eacfd8e/
25 KB
26 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/dl/ye/63f5e2eacfd8e/l.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
0ea5d5b963a524c63f0060d4481921b45a93f73fd826f58d4cbefb3740f3a02f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
129015
cdn-edgestorageid
1029
x-bo-processingtime
5
cdn-cachedat
01/27/2024 15:00:04
cdn-pullzone
113777
content-length
25980
x-bo-server
LA-221
last-modified
Sat, 27 Jan 2024 15:00:04 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
69
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
79.86%
cdn-requestid
4b0f79558603bce69d433aa64de331ba
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
l.jpg
static.tuasaude.com/media/topic_subject_element/up/hr/63be865ea692e/
50 KB
50 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/up/hr/63be865ea692e/l.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
c8ffd0483cb87037b735d0a28e75da79edcb55040c39936d5e62ef206e8da38e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
192414
cdn-edgestorageid
845
x-bo-processingtime
7
cdn-cachedat
01/03/2024 14:54:24
cdn-pullzone
113777
content-length
51074
x-bo-server
LA-242
last-modified
Wed, 03 Jan 2024 14:54:24 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
73.46%
cdn-requestid
8ef5418e5c7040fa1acedb746310bd0a
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
l.jpg
static.tuasaude.com/media/topic_subject_element/tu/ie/64c8ed5149e9b/
36 KB
37 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/tu/ie/64c8ed5149e9b/l.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
6ee04346ea6d6b67889969ec6ad3e62c3f0a3c6139417e3bd6fa40b15e63d46b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
166192
cdn-edgestorageid
871
x-bo-processingtime
9
cdn-cachedat
11/26/2023 00:30:19
cdn-pullzone
113777
content-length
37370
x-bo-server
LA-244
last-modified
Sun, 26 Nov 2023 00:30:19 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
77.51%
cdn-requestid
19a0354c185e5f91317d9e331fdf6643
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
l.jpg
static.tuasaude.com/media/topic_subject_element/dj/hu/64c8edb250f4b/
37 KB
38 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/dj/hu/64c8edb250f4b/l.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
e9a00a25b65067adc3188475b310d848aa3b84f67d0b309007d7249622e40070

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
166077
cdn-edgestorageid
1070
x-bo-processingtime
6
cdn-cachedat
08/01/2023 11:34:11
cdn-pullzone
113777
content-length
38226
x-bo-server
LA-242
last-modified
Tue, 01 Aug 2023 11:34:11 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
84
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
76.98%
cdn-requestid
9bf2b955860f5da88aded234936f2877
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
l.jpg
static.tuasaude.com/media/topic_subject_element/bh/tl/64c8ed89844f9/
31 KB
31 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/bh/tl/64c8ed89844f9/l.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
72eca2dc8243007f7ecc2329b5a32a9a6c3dd1d18dbfa78069776f84d86bd810

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
143305
cdn-edgestorageid
1067
x-bo-processingtime
7
cdn-cachedat
01/20/2024 00:52:00
cdn-pullzone
113777
content-length
31386
x-bo-server
LA-240
last-modified
Sat, 20 Jan 2024 00:52:00 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
78.1%
cdn-requestid
b435fd913eb9e2419c4be62b0b3c52e9
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
l.jpg
static.tuasaude.com/media/topic_subject_element/hx/qf/63b3081f5446e/
36 KB
37 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/hx/qf/63b3081f5446e/l.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
7985d75dbaeedfa0494d934b3d3754602e5b2c345d2a68c0dc680cc974a61029

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
157863
cdn-edgestorageid
1067
x-bo-processingtime
6
cdn-cachedat
01/08/2024 13:25:07
cdn-pullzone
113777
content-length
37086
x-bo-server
LA-236
last-modified
Mon, 08 Jan 2024 13:25:07 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
70
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
76.51%
cdn-requestid
4a6ca93a1e5226ebb92c72c875f238df
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
hotjar-528857.js
static.hotjar.com/c/
12 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-528857.js?sv=6
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-96.yul62.r.cloudfront.net
Software
/
Resource Hash
47d24db335482f177a1e8b3263c3f96be06366a1a307503e60c555d32ab2d937
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 09:29:09 GMT
via
1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
34
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/413c9a0ed3cb69de9557e64a8f61bc48
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
wY8anmSkh6ipbmMO1b0hHHsxKpiC3cW6AqY0yv99g95aBcRWxSsgcQ==
gtm.js
www.googletagmanager.com/
309 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8S2MQM&l=crossDataLayer
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7dadce1106c1f8289bb8620173727c0385fedba8681b4e93bacb4b7ef173b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91374
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Feb 2024 09:29:09 GMT
gtm.js
www.googletagmanager.com/
236 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P8PXWDX&l=tsDataLayer
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb261abb3b3ece858b03bd5516db8887467b20515195ca15bd3a7020ebbfff09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80253
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Feb 2024 09:29:09 GMT
original.jpg
static.tuasaude.com/media/topic_subject_element/cj/dv/649eeaa7df526/
41 KB
41 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/cj/dv/649eeaa7df526/original.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
25788721fd0396ed6c4037d6031619f4516d0b7014f4a1d8ff87e72e831dba45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
391564
cdn-edgestorageid
1068
x-bo-processingtime
9
cdn-cachedat
07/27/2023 23:30:41
cdn-pullzone
113777
content-length
41870
x-bo-server
LA-220
last-modified
Thu, 27 Jul 2023 23:30:40 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
149
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
89.31%
cdn-requestid
2d837c32a651d046d853c3da86344230
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
original.jpg
static.tuasaude.com/media/topic_subject_element/ro/zn/649eeab6146f5/
43 KB
44 KB
Image
General
Full URL
https://static.tuasaude.com/media/topic_subject_element/ro/zn/649eeab6146f5/original.jpg
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
00e055020368816daf8c19674e3d5e109ea891718d2b2f833777ee3fdc90a338

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:08 GMT
x-downloadsize
602697
cdn-edgestorageid
1029
x-bo-processingtime
12
cdn-cachedat
01/09/2024 03:13:12
cdn-pullzone
113777
content-length
44434
x-bo-server
LA-240
last-modified
Tue, 09 Jan 2024 03:13:11 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
476
content-type
image/webp
cdn-cache
HIT
cdn-uid
b190520a-8459-484f-95dd-26ba4984e846
cache-control
public, max-age=31919000
x-bo-compressionratio
92.63%
cdn-requestid
59a1656c31d066a93fd46da2f634fa7d
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/
436 KB
137 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
487
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:21:02 GMT
fbd71602-861a-434f-bce7-5c91ff7aeff8
config.aps.amazon-adsystem.com/configs/
564 B
831 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/fbd71602-861a-434f-bce7-5c91ff7aeff8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-94.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
4e9e9b49b3150784d7ed7f1f12094309babd4950d74d868de13ffcec06b4bedd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:49:45 GMT
via
1.1 612d3e065148a94cbbe94139733f662e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
2365
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
omJXK4Ju3Q1RhetGQPdRFwSlsxha_CVhInFWR2IgYpPMyiGyeL2EDA==
config
c.amazon-adsystem.com/cdn/prod/
0
313 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tuasaude.com&pubid=fbd71602-861a-434f-bce7-5c91ff7aeff8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.49.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-49-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:23:12 GMT
via
1.1 266cd0ca40a2604d8ba51f8173b83662.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
age
3957
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.tuasaude.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
OIXVfze4Pp3NoCRfACm_7Lyu_BjPpUKAEOdJ6Q9ZWlZM2V9kTIRKYQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.49.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-49-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
date
Thu, 01 Feb 2024 06:25:36 GMT
x-amz-cf-pop
YUL62-C2
age
11015
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
O_Xt7B2FF0hzd-8L0E_gToV-rQNofeVXzk5PtxRRoodbWYGmNBlM3g==
modules.bab19612e24942353c1e.js
script.hotjar.com/
218 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.bab19612e24942353c1e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-528857.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-57.yul62.r.cloudfront.net
Software
/
Resource Hash
aace7956dd8e29280f2d8c46b39d938b9607d1443b68cbc7d00f35fa10c406a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 11:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 43334f58904cd7106ee523ee0361b402.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
78304
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55412
last-modified
Wed, 31 Jan 2024 11:43:23 GMT
etag
"63d5bf255810dc6e5fc983b4254c3c09"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oV1yXNDGqLFEkvCdBMcwv4-yfAyhpmNYNVk0RIZuuNTOAGf3WlK6Xw==
js
www.googletagmanager.com/gtag/
282 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8PXWDX&l=tsDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7af97b8b19167a608044fccb672e2fd97a4ec50492691839752b46d91c2cec5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94857
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 09:29:09 GMT
f88e5c4258645d30350f16dd53718970.js
geo.cookie-script.com/s/
213 KB
30 KB
Script
General
Full URL
https://geo.cookie-script.com/s/f88e5c4258645d30350f16dd53718970.js?country=us-af-al-dz-as-ad-ao-ai-aq-ag-ar-am-aw-au-az-bs-bh-bd-bb-by-bz-bj-bm-bt-bo-bq-ba-bw-bv-br-io-bn-bf-bi-cv-kh-cm-ca-ky-cf-td-cl-cn-cx-cc-co-km-cd-cg-ck-cr-cu-cw-ci-dj-dm-do-ec-eg-sv-gq-er-sz-et-fk-fo-fj-gf-pf-tf-ga-gm-ge-gi-gh-gl-gd-gp-gu-gt-gg-gn-gw-gy-ht-hm-va-hn-hk-is-in-id-ir-iq-im-il-jm-jp-je-jo-kz-ke-ki-kp-kr-kw-kg-la-lb-ls-lr-ly-li-mo-mg-mw-my-mv-ml-mh-mq-mr-mu-yt-mx-fm-md-mc-mn-me-ms-ma-mz-mm-na-np-nr-nc-nz-ni-ne-ng-nu-nf-mp-no-om-pk-pw-ps-pa-pg-py-pe-ph-pn-pr-qa-mk-ru-rw-re-bl-sh-kn-lc-mf-pm-vc-ws-sm-st-sa-sn-rs-sc-sl-sx-sg-sb-so-za-gs-ss-lk-sd-sr-sj-ch-sy-tw-tj-tz-th-tl-tg-tk-to-tt-tn-tr-tm-tc-tv-ua-ug-ae-um-uy-uz-vu-ve-vn-vg-vi-wf-eh-ye-zm-zw-ax
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8PXWDX&l=tsDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.226.136.4 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
042b7d00ca0f379dbbb7481252f962201031a0f2dc9799527d7d136a12546ae3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Feb 2024 09:29:10 GMT
content-encoding
gzip
last-modified
Wed, 31 Jan 2024 15:30:15 GMT
x-cache-status
HIT
content-type
application/javascript
4250.js
script.crazyegg.com/pages/scripts/0075/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0075/4250.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8PXWDX&l=tsDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f14362693befca74ad6882a3e6f048743408b954813c1c3498a2e95004d135

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
30512
cf-polished
origSize=6112
ce-version
11.5.172
cf-bgj
minify
last-modified
Thu, 01 Feb 2024 01:00:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
84e92b1dfc2b36ab-YYZ
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-encoding
br
x-cdn
fastly
etag
"ba3486175e2b68724e3b47a025fadde7"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1861
js
www.googletagmanager.com/gtag/
261 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KMLKQF5N2B&l=crossDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8S2MQM&l=crossDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6da79300102cf0298246c53fa6a72b5d526c1ff506733cf537ea5889ce17e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90522
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 09:29:09 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8S2MQM&l=crossDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 09:12:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1003
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 01 Feb 2024 11:12:27 GMT
bid
aax.amazon-adsystem.com/e/dtb/
207 B
541 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tuasaude.com%2F&pid=lXJG3DKMoCXjH&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22divGptAd_ts_mrec_sidebar%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F92076944%2FTS-Mrec-Sidebar%22%7D%2C%7B%22sd%22%3A%22divGptAd_ts_sticky_footer_mobile%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F92076944%2FTS-STICKY-FOOTER-MOBILE%22%7D%2C%7B%22sd%22%3A%22divGptAd_ts_sticky_footer_desktop%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F92076944%2FTS-STICKY-FOOTER-DESKTOP%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=fbd71602-861a-434f-bce7-5c91ff7aeff8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
0feb535616a6ad1e694fbb599d9f9b311ae3a0a83351489679b4f615fe38889d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.tuasaude.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
207
x-amz-cf-id
5SS2ysiTMqF0iMMc2wETkcxzc3FfAhLOAR1Lo8tad86EzJDbmK3Ptg==
92076944
fundingchoicesmessages.google.com/i/
183 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/92076944?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b4da84cd97e5f50e5836241ca182b802c8a50cc9a267833aae22d3167b00c52
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WNuWoMcJmgU6FpawPS0nXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WNuWoMcJmgU6FpawPS0nXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNxT0LQWEYBuBznjxCOsmE2SATm5nFYFGKIpOSLCZZyMA_kPcdbDIJi8HgBxhELBIDg3MQFh8Lg3u4umxT1W_zKBGfR1mG97SBlfdEW6gqOjXhkNTpDAGfQSEoFQ2qgPo7kxUerws53hdygR8e7it9YBKLmm5JwVpKsLmCIVsTXAJtKDg4EjyeC55CxhCcgy5L7kMrLrkDjbTkNoTzkhPwLEj-Qnm34Bo47RZ9dh-YHfVjb01_g5xVLQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
www.tuasaude.com.json
script.crazyegg.com/pages/data-scripts/0075/4250/site/
5 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0075/4250/site/www.tuasaude.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0075/4250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0dd723d13f2ae375d25a3b2e5c305b07e5e657db2c118b950e4161eb94c35ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
30511
ce-version
11.5.172
content-length
1784
last-modified
Thu, 01 Feb 2024 01:00:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84e92b220c4836a8-YYZ
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=943008817&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuasaude.com%2F&ul=en-us&de=UTF-8&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABFAAAACAAI~&jid=969867716&gjid=549136450&cid=1136395905.1706779750&tid=UA-130025901-22&_gid=1663641267.1706779750&_r=1&_slc=1&gtm=45He41v0n81N8S2MQMv866807259&gcs=G111&gcd=11t1t1p1p5&dma_cps=-&dma=0&npa=1&z=856273526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VJN3X16J7Y&gtm=45je41v0v897582120z8832045900&_p=1706779748806&_gaz=1&gcs=G111&gcd=11t1t1p1p5&npa=1&dma_cps=-&dma=0&cid=1136395905.1706779750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706779749&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=page_view&_fv=1&_ss=1&tfd=3195
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
178 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VJN3X16J7Y&cid=1136395905.1706779750&gtm=45je41v0v897582120z8832045900&aip=1&dma=0&dma_cps=-&gcs=G111&gcd=11t1t1p1p5&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KMLKQF5N2B&gtm=45je41v0v880870970z8866807259&_p=1706779748806&_gaz=1&gcs=G111&gcd=11t1t1p1p5&npa=1&dma_cps=-&dma=0&gdid=dMmY1Mm&cid=1136395905.1706779750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706779749&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=page_view&_fv=1&_ss=1&tfd=3212
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KMLKQF5N2B&l=crossDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
54 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KMLKQF5N2B&cid=1136395905.1706779750&gtm=45je41v0v880870970z8866807259&aip=1&dma=0&dma_cps=-&gcs=G111&gcd=11t1t1p1p5&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KMLKQF5N2B&l=crossDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
107 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VJN3X16J7Y&cid=1136395905.1706779750&gtm=45je41v0v897582120z8832045900&aip=1&dma=0&dma_cps=-&gcs=G111&gcd=11t1t1p1p5&npa=1&z=447002572
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
408 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KMLKQF5N2B&cid=1136395905.1706779750&gtm=45je41v0v880870970z8866807259&aip=1&dma=0&dma_cps=-&gcs=G111&gcd=11t1t1p1p5&npa=1&z=1766672095
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=11t1t1p1p5&rnd=1524970577.1706779750&url=https%3A%2F%2Fwww.tuasaude.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He41v0n81N8S2MQMv866807259&auid=2091443743....
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1p1p5&rnd=1524970577.1706779750&url=https%3A%2F%2Fwww.tuasaude.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He41v0n81N8S2MQMv866807259&aui...
42 B
387 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1p1p5&rnd=1524970577.1706779750&url=https%3A%2F%2Fwww.tuasaude.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He41v0n81N8S2MQMv866807259&auid=2091443743.1706779750
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1p1p5&rnd=1524970577.1706779750&url=https%3A%2F%2Fwww.tuasaude.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He41v0n81N8S2MQMv866807259&auid=2091443743.1706779750
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.b3ba56f5.js
s.pinimg.com/ct/lib/
66 KB
19 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-encoding
br
x-cdn
fastly
etag
"672deff0b6e5a9abcd39c208d7373098"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
19203
collect
stats.g.doubleclick.net/j/
1 B
125 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-130025901-22&cid=1136395905.1706779750&jid=969867716&gjid=549136450&_gid=1663641267.1706779750&npa=1&_u=aGBACEAAFAAAACAAI~&z=1623535859
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 01 Feb 2024 09:29:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/
298 B
692 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613542178268&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1706779750716&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.e5c83017.1706779751.6d1c9ffc
x-envoy-upstream-service-time
3
content-length
173
x-pinterest-rid
1361650388074510
pin-unauth
dWlkPU1ESXlPVEF3WlRJdE9HTTVZUzAwTTJRMkxUZ3lOalV0WkRBNVlXTmtZV1UyTUdNeA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tuasaude.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
1874ddb49806027a2d0f19e48eeaf7a1914420d3
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
298 B
714 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2613542178268&cb=1706779750717&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.e5c83017.1706779751.6d1c9ffb
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=600
content-length
173
x-pinterest-rid
9767798842064231
pin-unauth
dWlkPU9XWTRZVEkxTlRZdE1EZ3hNUzAwWldWbExUZzFNelV0TUdVNFl6RXdORFUyTURWaA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tuasaude.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
1874ddb49806027a2d0f19e48eeaf7a1914420d3
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
456 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2613542178268&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.tuasaude.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b3ba56f5%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1706779750718
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:11 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.e5c83017.1706779751.6d1c9ffd
content-type
image/gif
access-control-allow-origin
*
pinterest-version
1874ddb49806027a2d0f19e48eeaf7a1914420d3
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
1724685341429872
expires
Sat, 01 Jan 2000 00:00:00 GMT
0950ea1dbebed2954aa6d777835d27a1.js
script.crazyegg.com/pages/versioned/common-scripts/
95 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0075/4250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c5ec67ba1bad191886f86a9ff26d695e5947256d85e466159a81ab87883262

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 18:00:36 GMT
server
cloudflare
age
72533
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84e92b22bec536ab-YYZ
content-length
31521
AGSKWxU_fujQqHjP_tXn7rt_n56nHaZsh9SZz3edkgbbWKbBQOSArejcofvRrijLLGFCnj7E1f75iXIxwcfaqJ6HxYIIXW2k2qeMopq1WNs-QxdMk7YUBxhMnNEtR9gjuJ4rRXjP6gTRNw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU_fujQqHjP_tXn7rt_n56nHaZsh9SZz3edkgbbWKbBQOSArejcofvRrijLLGFCnj7E1f75iXIxwcfaqJ6HxYIIXW2k2qeMopq1WNs-QxdMk7YUBxhMnNEtR9gjuJ4rRXjP6gTRNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Nzc5NzUwLDkwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudHVhc2F1ZGUuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
592427bb157b1bfad216acd68f53d12420908b817d1fe0a88d645d9dd5a8ace5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ts04AtcarxwDmS6UAxMuIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ts04AtcarxwDmS6UAxMuIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxT0LQWEYBuDj4RGSZMJskInNbDJYlKLIpCTLmWRxJv6BvO9gsyghZTD4AQb5yCAxWJyDsPhYGNzD1eWYmkIOv5IM-pVl7EBbWAdOtIOaolMDjmmdzhAOGhQFtWxQFUy_M9nh8bqQ-30hL4Tg4bvSByaJuOWWFuzKCLZWMeQ1wSq4BoIjQ8HjueAp5AzBBeiw5B40k5LbUM9KbkGsKDkFz5LkL1T2C9bA47Tps3vf6l51RxvzH49DVWA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
www.tuasaude.com.json
script.crazyegg.com/pages/data-scripts/0075/4250/sampling/
156 B
239 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0075/4250/sampling/www.tuasaude.com.json?t=474105
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4170fcbc3da033feb8aff5893a0de7e01eb21602022c03281000478f0c862f59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
30512
ce-version
11.5.172
content-length
146
last-modified
Thu, 01 Feb 2024 01:00:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84e92b23edf736a8-YYZ
AGSKWxW8CBzqZTLsEgQmy2GCuXkOFJ1cNWAfOloQN0wZ6uaRbmqYveGtae-gsvrI6AafF_4jgAWp7uBx0tEdxZgXZcmmN305nziOPXIzCW6dae-KD7n0_dUIGgcSJDL72BOVO4YkamETLA==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8CBzqZTLsEgQmy2GCuXkOFJ1cNWAfOloQN0wZ6uaRbmqYveGtae-gsvrI6AafF_4jgAWp7uBx0tEdxZgXZcmmN305nziOPXIzCW6dae-KD7n0_dUIGgcSJDL72BOVO4YkamETLA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Nzc5NzUxLDU5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly93d3cudHVhc2F1ZGUuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
633c70ffd8ecbb4b8f9905cf1948b910fed8b6b1bb1ddee8721d52d4e98d3acb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-peVKAiw7_6ocdl0o350FKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-peVKAiw7_6ocdl0o350FKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsGoxSXF4KshxaAQtpPpvNMdputAfFHlKdNNIK5leMbUCsQPwp8xvQBiA43nTBZAXJD9nKkCiBn_vGDiBOJ3X14yCXx9ySQBxFpA_E7yFdM3IN7h48HyJnw6K1_EdFa2CiANxHF101kLgJhv3XRWw_XTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrNCB2Sp_BGgLEnzNnsP4G4rLb51jrgFhE7jyrDBALcXM8P_F2LZtAx8-j_gDUJlhD"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
49 KB
20 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1788915694370412&correlator=3820517106165736&eid=31079527%2C31080115&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=92076944%2CTS-Mrec-Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C200x200%7C250x250%7C320x190&ifi=1&didk=1178095628&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706779751178&lmt=1706779751&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tuasaude.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1136395905.1706779750&ga_sid=1706779751&ga_hid=943008817&ga_fc=true&dlt=1706779747986&idt=2154&prev_scp=amp%3Dno%26mature%3Dno%26language%3Dpt%26layout%3Dundefined%26acordo%3Drede-dor-insite%26amznbid%3D2%26amznp%3D2&cust_params=amznbid%3D0%26amznp%3D0&adks=3708773259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0422cbacbda7a913a58ccacd095653c2948be84dd7786a3bc33075fad99e0a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20203
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F30
6 KB
3 KB
Document
General
Full URL
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 09:29:11 GMT
expires
Fri, 31 Jan 2025 09:29:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 3C67
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
377 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f2a9b86980722fa3b606ea43a4d9f580df159a769620f5735eb7c45a4dcf24c1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.tuasaude.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
377
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 01 Feb 2024 09:29:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K6W11KE14PEJ40JXKQN3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 01 Feb 2024 09:29:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R50D92EFRR1FDQPYTGFJ
ads
securepubads.g.doubleclick.net/gampad/
126 KB
48 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1788915694370412&correlator=3820517106165736&eid=31079527%2C31080115&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fif&gdpr=0&iu_parts=92076944%2CTS-STICKY-FOOTER-DESKTOP&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=2&didk=626756903&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706779751195&lmt=1706779751&adxs=315&adys=1143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tuasaude.com%2F&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1136395905.1706779750&ga_sid=1706779751&ga_hid=943008817&ga_fc=true&dlt=1706779747986&idt=2154&prev_scp=amp%3Dno%26mature%3Dno%26language%3Dpt%26layout%3Dundefined%26acordo%3Drede-dor-insite%26amznbid%3D2%26amznp%3D2&cust_params=amznbid%3D0%26amznp%3D0&adks=2709258452&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d4c99cc1a41d123c79d56e45e09a4c4fefdf057188c31519a53891f99fa2120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48330
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
healthcheck
pagestates-tracking.crazyegg.com/
19 B
461 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 07:07:40 GMT
via
1.1 f4979fa9d388cee1327b2a7fad0fcbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
17029292
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
18PD6MZ57c-NukcscZr18_7JCvRlS21b0VDtmJMqD3Fh-6X8AWcIAw==
healthcheck
assets-tracking.crazyegg.com/
19 B
462 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 20:47:31 GMT
via
1.1 726979f71f252186e97d38202269f636.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
17152901
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
kqTCReAJwlwXcx7rNhJruAyAhp8P6ASsuNh88he85Gy9U-AKgEJ8vg==
7f491006-bed8-450b-af3d-af9d4b704ac1
https://www.tuasaude.com/
45 B
0
Other
General
Full URL
blob:https://www.tuasaude.com/7f491006-bed8-450b-af3d-af9d4b704ac1
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
/
ct.pinterest.com/v3/
35 B
700 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&tid=2613542178268&cb=1706779751560&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22aem_ge%22%3A%2262c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a%22%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.tuasaude.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b3ba56f5%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:11 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.e5c83017.1706779751.6d1caa95
content-type
image/gif
access-control-allow-origin
*
pinterest-version
1874ddb49806027a2d0f19e48eeaf7a1914420d3
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
1227828728580194
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads_loader.
fundingchoicesmessages.google.com/f/AGSKWxVONCh5VDfeWC5FZxjo-F0uY6ziOzKNe-8zx9c3Vj2g7ItjpMH4F9_9gvr2daJhqQwoV_H_t8jgbfiOfzEG7ctJzed-S7wjcTyH1MRNTspnk-PuB42VeRb0unOc6_u5FXmbaItTnieI88xtQush2HqE0M1UE...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVONCh5VDfeWC5FZxjo-F0uY6ziOzKNe-8zx9c3Vj2g7ItjpMH4F9_9gvr2daJhqQwoV_H_t8jgbfiOfzEG7ctJzed-S7wjcTyH1MRNTspnk-PuB42VeRb0unOc6_u5FXmbaItTnieI88xtQush2HqE0M1UE3lX1cqaIpkGGFBVKNylwd1aF8rDtMoc/__StickyAdFunc./adengage0..480x60-/bauer.ads./ads_loader.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a80115655540371008b6a7960f27aa57af11e9082b4547902918e4f27f47260
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vC6d_RpnQK_kfphfWmoZiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-vC6d_RpnQK_kfphfWmoZiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxS0PQWEYBuBzHh7DzEziZMEkmnySoNhsbEyymSmSKU7iH5j3DZpoKILgBwjGJDOC4nwYio9CcIdrl3-pJvyakotrylY_0R52sQsdoKOY1INzwSQbknGL0tBsWNQG9WeTDx4vh0JvhyKQgEf0Sh9YZDPuW0FwsCjY08ZQMQQ3ITgVnJoJnq8FL6FsCa7CiCWPoZ-TPIRuSfIA9JrkPDzrkr_QOm7YgHDAa63uE09ITro71x-Nv1T_"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
149 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 09:38:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
85817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 09:38:55 GMT
AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JvrdJpDfAqH2gKoPlsCMBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JvrdJpDfAqH2gKoPlsCMBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcLw48XYtm8CN74cOMgIA7YUjgw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.tuasaude.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8180
6 KB
3 KB
Document
General
Full URL
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 09:29:12 GMT
expires
Fri, 31 Jan 2025 09:29:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VJN3X16J7Y&gtm=45je41v0v897582120z8832045900&_p=1706779748806&gcs=G111&gcd=11t1t1p1p5&npa=1&dma_cps=-&dma=0&gdid=dMmY1Mm&cid=1136395905.1706779750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1706779749&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=calculator-shown&ep.widgetCode=bmi-calculator&_et=3&tfd=4820
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clock
tracking.crazyegg.com/
27 B
134 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1706779752000&tk=ba2dbddf471fb91cd2f737fcc66b7773&s=436597&p=%2F&u=754250&v=fc3347a9e4a7aef4f8059bfa85b07dd137d05de5&f=tuasaude.com&ul=https%3A%2F%2Fwww.tuasaude.com%2F
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.9.101 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-9-101.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
f4d82d03b6a5353fb476c5f3f66f83f3cb3b4c95ec06771f1d0433756c233dd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Feb 2024 09:29:12 GMT
cache-control
no-store
server
awselb/2.0
content-length
27
content-type
text/plain
AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EyAcu8IMBhqchfABB5O6mQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-EyAcu8IMBhqchfABB5O6mQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48WJt2vZBG6cOH2fEQD0OyFv"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.tuasaude.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EFE1
645 B
320 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y2rP45wEwAQ&v=APEucNXaZSDad_Jn8xCm1FBpE1390HiZkeetfPO3CCMJW4VEskVYxZNxNQPQH-Waytv8EEAChxkokGl7Gyg45YNTTjd8r3G1mWZgnmN4WFOcBuOjNmmfyU8
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 09:29:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6D5F
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
Origin
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Feb 2024 17:38:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240129/r20110914/elements/html/ Frame 6D5F
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 21:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
44460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 21:08:12 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240129/r20110914/ Frame 6D5F
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 21:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
44460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 21:08:12 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6D5F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 04:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 04:34:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 6D5F
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 21:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
44460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 21:08:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 93EC
1 KB
1001 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
62250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 16:11:42 GMT
etag
48472445140208031
expires
Thu, 01 Feb 2024 16:11:42 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 6D5F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 11:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
77688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 11:54:24 GMT
l
www.google.com/ads/measurement/ Frame 6D5F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRue2GRUbVswibAgTJQvdPy6wLSu4tlsryhuPUf-sxuP2BAjw1Yn4etcRopOx8kxdfzPq48JQq7HHlVPZIFOTNSxNru0A
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6D5F
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 09:29:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D5F
42 B
170 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AM-dXE8arXG5Npi_vhyEwk7a918W5f70zUEtNLoewdJ8iJw70tOEA80Wx-i_eqvtkYHUYCtPAWyecBdRePFD-8DRMnwXKNaTQnz3Ur2Eo-LYURJmY
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 836B
3 KB
4 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0357553d29e095108429cd116b9a07a2e50a7f24228acc5f11f8ab4032323d23
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3250
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 01 Feb 2024 09:29:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KRCQXE0NQV3HC9MWGCCA
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

rum
dsum-sec.casalemedia.com/ Frame EFE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1&gdpr=0&C=1
43 B
336 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y2rP45wEwAQ&v=APEucNXaZSDad_Jn8xCm1FBpE1390HiZkeetfPO3CCMJW4VEskVYxZNxNQPQH-Waytv8EEAChxkokGl7Gyg45YNTTjd8r3G1mWZgnmN4WFOcBuOjNmmfyU8
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhKtcdF4KtW0PrNnfu4IXEl7SxJn%2Bs3%2F6HeucVvx9HnUX7x1tz8z8bi6BRiVMWgVZlkCMaFYXn3CPhXmDWlNvR1GCB%2Bup8xEWv8GHk1eaK9ccrgZnmb8M4hLTZ6zNgcIbltMbr4O50oFug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e92b31ef7436c8-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H4gR9ZVLIkr5pCw9LtUbB4%2FuVxg0KmP2YuBR%2FwHqtNN0JN03NtOed7A2pX7OfwVQZrUvbuOM%2F6bxuvPJ%2FBF2Hg1zj2PGjwV6l%2F5s3sIvbKiGX2Mf7y78wlyC9b%2BwfdpJEXDcSaI%2B0pFyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1&gdpr=0&C=1
cache-control
no-cache
cf-ray
84e92b308eb836c8-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame EFE1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbtkac1Plc2O5cB5psyuJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y2rP45wEwAQ&v=APEucNXaZSDad_Jn8xCm1FBpE1390HiZkeetfPO3CCMJW4VEskVYxZNxNQPQH-Waytv8EEAChxkokGl7Gyg45YNTTjd8r3G1mWZgnmN4WFOcBuOjNmmfyU8
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym44n5vp%2FUZM5cA%2FAETXU97lRl7s0mY%2FqtHRIErIQe7R8xE7hnxFQ%2Fi7Ct2fgXXKo7bLAh0EygE8mR0q24lDkFHDlJOJL9SBZNvtPk4chWLBNP8MVQRuNuf3fc1tOUQNbwaNAjVxjTGNng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e92b3cfa3239dd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGj6_AoEzgYqPiDfMI8VvlM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EFE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEA7kjea_vtaOWBl0M8uJ48I&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA7kjea_vtaOWBl0M8uJ48I%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA7kjea_vtaOWBl0M8uJ48I%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y2rP45wEwAQ&v=APEucNXaZSDad_Jn8xCm1FBpE1390HiZkeetfPO3CCMJW4VEskVYxZNxNQPQH-Waytv8EEAChxkokGl7Gyg45YNTTjd8r3G1mWZgnmN4WFOcBuOjNmmfyU8
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
an-x-request-uuid
e3592077-d6b6-430d-a6fe-2234ab6a7c9e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
an-x-request-uuid
f7985512-1ba3-4978-a2e6-f9b529e7a872
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEA7kjea_vtaOWBl0M8uJ48I%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EFE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MzQ1NjMwOTU2NTI4MTEx
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MzQ1NjMwOTU2NTI4MTEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y2rP45wEwAQ&v=APEucNXaZSDad_Jn8xCm1FBpE1390HiZkeetfPO3CCMJW4VEskVYxZNxNQPQH-Waytv8EEAChxkokGl7Gyg45YNTTjd8r3G1mWZgnmN4WFOcBuOjNmmfyU8
Protocol
H2
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
an-x-request-uuid
dfd45988-22c0-4a90-bbd1-3e0a621bf57a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MzQ1NjMwOTU2NTI4MTEx
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 836B
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3497813537034054000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3497813537034054000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GHAYNQFBZ4HRXZTK3435
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3497813537034054000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Thu, 01 Feb 2024 09:29:13 GMT
ecm3
s.amazon-adsystem.com/ Frame 836B
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7610120411
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7610120411
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M47TNPR9K72YGB3YS85J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 01 Feb 2024 09:28:45 GMT
via
1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
27
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7610120411
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
cqD11bo5b51lSoRKpj00Uo2YkcaX-TkUOA3fpMf-ilNmKRYUm57AXQ==
ecm3
s.amazon-adsystem.com/ Frame 836B
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=49BAECB5249A4B74B3D94B2820C391F5&ex=simpli.fi&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=49BAECB5249A4B74B3D94B2820C391F5&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
709GFQVAJZBNW820S870
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 01 Feb 2024 09:29:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=49BAECB5249A4B74B3D94B2820C391F5&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 31 Jan 2024 09:29:12 GMT
ecm3
s.amazon-adsystem.com/ Frame 836B
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e581e03f12x7ikv00ls30lhwt
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e581e03f12x7ikv00ls30lhwt
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
40XX4QVV9DCKYZN6HAWN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 01 Feb 2024 09:29:12 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e581e03f12x7ikv00ls30lhwt
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 836B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=nwi0pDfVBtfy8QsdOEzQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=nwi0pDfVBtfy8QsdOEzQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F4Z2TYXVY7CZ3CVXWQKT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=nwi0pDfVBtfy8QsdOEzQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D0C8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afd7d1b8256961098a3b36843d8ba6cc8846d0d5fd3d120f49090cb8b81483e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84e92b31090d5479-YYZ
content-encoding
br
content-type
text/html
date
Thu, 01 Feb 2024 09:29:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKkkSPVGTbV47nooMc9ORHHkNeIN4gGJgfovzkFDX5VVWofFZmh29hzIf2rZbxfS690%2B8msOW6JzA7F4e6n1vewfZG5HG2ybdLmHl0vwY1O8XR986DyHCD09ySK9r435W8HeuFk8WimrUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84e92b2f78785479-YYZ
content-length
0
date
Thu, 01 Feb 2024 09:29:12 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE8MUsRYRX5Jgr3fb%2Fmbqbmwaon6au5dgckzA%2F2UVu6wiYtAy%2BhiwX%2BJc1QFCsvS7ZNn2Ljp6Rl1emR1CjbwbmmX0W%2FxnX1GCAL8jpjlXmgQV3xgze5Ro5A3QL43aK%2B2wJFSWq%2BoZsylYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 4F88
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
824 B
795 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
30f3d85b576477b20a3c14a04b2a2e0ff421e05a116fc5e4c9b5c07c54a3bf38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
470
content-type
text/html
date
Thu, 01 Feb 2024 09:29:13 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 01 Feb 2024 09:29:12 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame A8B9
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4248769777910856124&gdpr=0&gdpr_consent=
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4248769777910856124&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 01 Feb 2024 09:29:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DGWSJY0KEP0ECGJGJ382

Redirect headers

content-length
0
date
Thu, 01 Feb 2024 09:29:12 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4248769777910856124&gdpr=0&gdpr_consent=
/
match.sharethrough.com/jwumXNuB/v1/ Frame E882
842 B
1 KB
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.126.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-126-113.compute-1.amazonaws.com
Software
/
Resource Hash
9413ed6eba1ed22c87cc0f2c93632ad8fd673ff6c22c67a017107ced5c6e0326

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
842
date
Thu, 01 Feb 2024 09:29:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A915
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=69591
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 01 Feb 2024 09:29:12 GMT
expires
Fri, 02 Feb 2024 04:49:03 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CE46
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Feb 2024 09:29:13 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 710B
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
951 B
2 KB
Document
General
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
85f1c7c65fbe92b8f19ef6bebb0425531282059c70bda2b3761921a34f666e60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
951
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6658dc8946-9k2d6
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6658dc8946-9k2d6
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 93C6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RaHQwaUlaRTJ1S1BsemV4ckhjVTdRVzlXZmtFcy5qVn5B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RaHQwaUlaRTJ1S1BsemV4ckhjVTdRVzlXZmtFcy5qVn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 01 Feb 2024 09:29:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VXQCV1EB7AC7Z4DBEQ3J

Redirect headers

age
0
content-length
0
date
Thu, 01 Feb 2024 09:29:13 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RaHQwaUlaRTJ1S1BsemV4ckhjVTdRVzlXZmtFcy5qVn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
amazon
ce.lijit.com/beacon/ Frame 41EF
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB
Document
General
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-162-145.compute-1.amazonaws.com
Software
/
Resource Hash
17a2c8839c06eff676ed0fdd505723cb7bd5315b5e6aa91bee364fe8e1a4b610

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
538
content-type
text/html
date
Thu, 01 Feb 2024 09:29:14 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding, User-Agent

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
date
Thu, 01 Feb 2024 09:29:13 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
i.match
s.tribalfusion.com/z/ Frame 93EC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEErqBvbD-gfkeVwGYPY4Swc&google_cver=1&google_push=AXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEErqBvbD-gfkeVwGYPY4Swc&google_cver=1&google_push=AXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNSt...
43 B
418 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEErqBvbD-gfkeVwGYPY4Swc&google_cver=1&google_push=AXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84e92b330a11a252-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
295
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEErqBvbD-gfkeVwGYPY4Swc&google_cver=1&google_push=AXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSw6UIyxe4JTsEvWuQDoC-nj-Uy5rGTZFlEL-bmpX5lqsN1N6e9JL-KSw9IvwuYSaT0u4J92_x6n9x5Tv1Nve3cNccYNStY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84e92b31c928a252-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncAdX
rtb.adentifi.com/ Frame 93EC
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEEo-4XWdqP06-UAbUxLFXmg&google_cver=1&google_push=AXcoOmRHtA5sSg_dkyB5A_pj2tbJrFNBpQPluVMDKZGW22EsBa40yTIOzpM72-djTRPUXDkSyEYtJs0BS5RsnKxh5vkYs14TxONP
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.96.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-96-255.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:13 GMT
pixel
cm.g.doubleclick.net/ Frame 93EC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBXwr76mZm8kxsmG_bEWXJQ&google_cver=1&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuETm
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuET...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIyOTk0NDIwNzgyNjM1MzE4MjAx&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWK...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIyOTk0NDIwNzgyNjM1MzE4MjAx&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuETm
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIyOTk0NDIwNzgyNjM1MzE4MjAx&google_push=AXcoOmS61U9vAOeNyOzAamSZJk1aREfvNLA3PQaxMEdkp8bAypCtncVC2_KKloWKq021kLwqgfU46AXW_VUDKeXCwzbraqMtuETm
date
Thu, 01 Feb 2024 09:29:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 93EC
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDtxucwYEgvqjibfZZpS5l0&google_cver=1&google_push=AXcoOmSYpqi9cd2tkVN0_5TKDo5zchthsfNvDlJagUBN-Udfty3wgAlYcgx9hBKdR17ooLWCf2yVjZCQ33mjzHYyJKu1ZrsI1LKi
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&mn_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSYpqi9cd2tkVN0_5TKDo5zcht...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&mn_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSYpqi9cd2tkVN0_5TKDo5zchthsfNvDlJagUBN-Udfty3wgAlYcgx9hBKdR17ooLWCf2yVjZCQ33mjzHYyJKu1ZrsI1LKi&gdpr=&gdpr_consent=
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&mn_hm=MzQ5NzgxMzUzNzAzNDAwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSYpqi9cd2tkVN0_5TKDo5zchthsfNvDlJagUBN-Udfty3wgAlYcgx9hBKdR17ooLWCf2yVjZCQ33mjzHYyJKu1ZrsI1LKi&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Thu, 01 Feb 2024 09:29:13 GMT
pixel
cm.g.doubleclick.net/ Frame 93EC
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEBVVex3jfMryvpEhONrvKpI&google_cver=1&google_push=AXcoOmT5G7STsJ36yyEn5fXETOUotIQkwascvwO32dzr4k5xJr_fOtrocktsAtnoFNNFcsY8fAT4rUZsZUhzLsdK66NJt6uCjy8
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5G7STsJ36yyEn5fXETOUotIQkwascvwO32dzr4k5xJr_fOtrocktsAtnoFNNFcsY8fAT4rUZsZUhzLsdK66NJt6uCjy8&google_hm=d1cdb0c5e8de4f778d96...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5G7STsJ36yyEn5fXETOUotIQkwascvwO32dzr4k5xJr_fOtrocktsAtnoFNNFcsY8fAT4rUZsZUhzLsdK66NJt6uCjy8&google_hm=d1cdb0c5e8de4f778d96474084289ab9
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5G7STsJ36yyEn5fXETOUotIQkwascvwO32dzr4k5xJr_fOtrocktsAtnoFNNFcsY8fAT4rUZsZUhzLsdK66NJt6uCjy8&google_hm=d1cdb0c5e8de4f778d96474084289ab9
date
Thu, 01 Feb 2024 09:29:13 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
spacer.gif
an.yandex.ru/resource/ Frame 93EC
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEBVSoL8pPb0sb6v19v6Zdas?ext-param=AXcoOmRBLj4z0Id3eU_VSehUwdUr1eUykgJKRSU4VQvZ8wyj-C3e0hYXuvzZcbP-IubwT2vM1El3JmGc_NWRer7er4HhQq0RQA8Z3A&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEBVSoL8pPb0sb6v19v6Zdas?redir-setuniq=1&ext-param=AXcoOmRBLj4z0Id3eU_VSehUwdUr1eUykgJKRSU4VQvZ8wyj-C3e0hYXuvzZcbP-IubwT2vM1El3JmGc_NWRer7er4HhQq0RQA8Z3A&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBVSoL8pPb0sb6v19v6Zdas&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Jan 2025 09:29:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93EC
Redirect Chain
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESENAjhNdZ0errNViybgJIHGY&google_cver=1&google_push=AXcoOmRjOZ8tR8dyLe-TrpcigZTZhD7orozHOXzyrdtdSZYREPmq6sGy9P2NNKQfG5MgWnYf0b5InVxfbrXxmEqV7rBa6Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRjOZ8tR8dyLe-TrpcigZTZhD7orozHOXzyrdtdSZYREPmq6sGy9P2NNKQfG5MgWnYf0b5InVxfbrXxmEqV7rBa6YGW_VYFkw
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRjOZ8tR8dyLe-TrpcigZTZhD7orozHOXzyrdtdSZYREPmq6sGy9P2NNKQfG5MgWnYf0b5InVxfbrXxmEqV7rBa6YGW_VYFkw
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 01 Feb 2024 09:29:13 GMT
strict-transport-security
max-age=2592000
server
nginx
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language
en-CA
location
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRjOZ8tR8dyLe-TrpcigZTZhD7orozHOXzyrdtdSZYREPmq6sGy9P2NNKQfG5MgWnYf0b5InVxfbrXxmEqV7rBa6YGW_VYFkw
x-yak-request-id
1706779753095-54c6046e048cb6546145bc358cc54bff
yak-timeinfo
1706779753095|2
cip
166.0.205.4
alt-svc
h3=":443"; ma=604800
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 93EC
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LcCZfUb6tj0Q_lk1KCHnsZoQgqgCGmLRGsyTzjdt3OT9r68_fcKc09oT4vBz8vjKHTR4TdfFs
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S5Wwu3m8DUn2r8LJkq3xrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-S5Wwu3m8DUn2r8LJkq3xrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48WJt2vZBH6snDuRCQDvkiDp"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.tuasaude.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUz7hosFxGmAof8PTZVVg1ifvZO_H-8ZuC-M2243s6Qet5MpOxfuoQSti25pZtK34yAW8MbxFpf5BkHEIKAzMni4WLu9y7KQh5ygMpRq9g0V8pwS7XdPxJSjdeylMrBbAGM84TyuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dwLO28OG-myI6UBA0xpxcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dwLO28OG-myI6UBA0xpxcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48WJt2vZBCZ8WLCRCQDylyD3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.tuasaude.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUygImFNllC4lYnYheZMac24TWq_ePIV0AdcCqoBJh_xwmw8gsdLfV0I8Ts6RiQsIbsLiGWZk-z6Xx90WdvCUKgn1VLWK6FxEdh3df7haXjt-tzPXPxUi3JYvisOLH9vZt4l_fcNg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUygImFNllC4lYnYheZMac24TWq_ePIV0AdcCqoBJh_xwmw8gsdLfV0I8Ts6RiQsIbsLiGWZk-z6Xx90WdvCUKgn1VLWK6FxEdh3df7haXjt-tzPXPxUi3JYvisOLH9vZt4l_fcNg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Nzc5NzUyLDUwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudHVhc2F1ZGUuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
325280478007a0dae5311804afa6b94e7d31b766da3392658403c074f6c79ba2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VN3SHrSEEycFW2gP-dhjrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-VN3SHrSEEycFW2gP-dhjrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA3BI9g3UaEDulz2ANAeLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OF6ceLuWTeDD7h_TmAAtplew"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUNVDeq-Tg0vzPFQz601dEiYKr0KYm_PTyEKX8szluv6GkZo2HnPTBjyui5YWtHASbHvW0U9Zx2r_Yj-egzuWITg5D81OSq-Y_aZSxaRnGhKeRLBBionVTHU7kzPs1MN04cWSfp_Q==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNVDeq-Tg0vzPFQz601dEiYKr0KYm_PTyEKX8szluv6GkZo2HnPTBjyui5YWtHASbHvW0U9Zx2r_Yj-egzuWITg5D81OSq-Y_aZSxaRnGhKeRLBBionVTHU7kzPs1MN04cWSfp_Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TbexY-lx0M7qpO7uE2n5vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tuasaude.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Feb 2024 09:29:12 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TbexY-lx0M7qpO7uE2n5vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48WJt2vZBG4sbrzLBADwpCD4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.tuasaude.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6D5F
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a0789ead2b2e18b2e26385e69821ff4e5b7be1a68bd5ed41e63046951008eb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2FBF
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
426244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 11:05:08 GMT
expires
Sun, 26 Jan 2025 11:05:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
firstevent
scotiabank.demdex.net/ Frame 6D5F
Redirect Chain
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668
42 B
724 B
Script
General
Full URL
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
107.23.6.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-6-4.compute-1.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-06c65f3d1.edge-va6.demdex.com 6 ms
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
G6zo/Ns2S0c=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-0142dceaa.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
/LMAS90MTZc=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
index.html
s0.2mdn.net/sadbundle/4842514163848708096/ Frame A157
62 KB
10 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670c1134d0415d8b8ca194eada70d7769e5f7b672abead1f5109b192e6d7d6be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9023
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
9801
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 06:58:50 GMT
expires
Fri, 31 Jan 2025 06:58:50 GMT
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 6D5F
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst9SzDsrA6YvSHfV3z0VTBS5OxzKanEolcW7cRo-aiUDG_ef1AdrNVxFSBEHRBvLHjMm0-BZLdeGC3fvyW4LL40P0E40qsh7p03idjHgXBopdTGmkb04D0PQ6L_wY5bIsTDdciQAI5A8BQngOM5dLAGOtW3PUK9ZxRo55Hwp0bVtoHWD4wMeaKm_w7VqjdwyVs6Or-WzBgd7GNCxre7T72gEv-Duy9oz3LSaOX2O_EeYbUDlS0RTC88_LNYQzPiPz2s1-JoRCWPVlrIqFrykf4dEqJrh7f1g1DzXtZgblG6QETDt-Oq309FjEbHMcWUPchXOmBHBOe-2Igo_JT8-oQDrLnMZgSrpvypzhEKogMXuWmybSvLT1MvkS3gwz_sPhyL9zoGnNq03SBHdBnenyF4i3s6jO-UfOIVsQVEeUFClPGC1vkyG9gd8NHrk1LCo2mij1Z3Al3h1oSuv5Y169x__XOOoBVJw8unYzK5TRNQddvBrQzyNykNM1yHRmBgBw-cmhRGofmCgzd_0-YFV1Gh0jZ93xhSq3plhSUBaGRwOJNOLF2j1IuH2kdZwZoVdmfeclhC86ctyzAB8vCOoSvQkG8XmbcJPdOdpvprLeuU8H3191ItfQcZD8f55mMq4cLGkJ9_mTK10A5LkWcECR5RZ0k50DS21kiNOz0DcR2oSGE0FZtp-IAKi2ylMgzS89ABsKghojL-xy2vsrz_LPY4ONXwFR6bFuVEiX8Tenl4rXtfviNgZp8dHPefs7EFF7yuDDmlZOFGAPMRcL0mCR3T5XNmm2XkeMHT7ejg3bidFf1vTIgADxNObyFx64rD81y-0uK9QmFxFud51SKEYMxhoGZVtYtSypEHCPM9gOdSA6BqMEep4GbxYpnAUPvqGqZTyh9GWtXyT0gv_PuWZtLRO1Au6tFYcVdRJ62X88TQE9gv-4MI4uBYsEbSwqfnt5Cay6e_zovEctBuhLDF7ZHZCibYbdCRtIjrnhjEWGbf1R9tozwBqWEO72S03UUloICIOmSUz0aYX1xIHMpEpoxSSBVc-qzaJ7Gx0Bfry6S1BMQS3pcEFWaAG_iETNLi8eJmNMjsnXvYLJLcb7aEVxuexBdaZdE5wIx52pH1x4ZhuioI-qgBRLdNmv_Rv_MTeYUvhFSt4Ywh7qE7PG5lkEbaKS6QGmUs0VUFIDJFeLVNQeRaB1m59JlEML0sDPvfNFfu7EJpe79dV2itMPqz9mi7CmqyWocrJsH4I5Qq9BApw65JLGw6HuX3keI3nDh4rFRVyZJpx-kI4p6XoqratcuqVYxfD1Fdy1ccpkotgYNmc4I1deFqD8nllHWIf2fex5eyIuxnaXqZnnpEcRZTmzwfGzDhfX2lo44b8AXgPMCAJIC7bmtDeN0fEd2bqwVzaO1L8BHP51hUPUO0ZdwYZTTvjDP4ttNReYc-CQXIq4BI8Jvwl7xaSpxH6sU15U30pafbXGr16W-8TMHzFehULJA&sai=AMfl-YRGmKIEJs15Qq1xGIq2kGr90ri7rHE4vnoqnYQPiYJONa8xPujHmO-BP2bF62eR_YTuK8AXrpDRPsdP3G1pqAGiSghE32BPZU5xnTE7EdvsjIJnFNwP_yUnM_NnpSckIQDPG9Rl7x78NcLGnVR-9lCFZRkaltxy5VnkWYTgYLernU0pMHFhIGePFjwbA9fa83b_VJisbKNmYiJy9ZRg3FromlUQa-yaXlz00OBqFTgRLyKMwardsW8d3aEFthSYIcgvt3NSGBbjh5Bj9ZmjyNozgAlUrZsJKSoALj78nuEymzxlo0GhJ7O1DSxuo57JzY_bnRuGKOTxjNjS1zAy5nn4vr4A2agZ4df5EWDrGf9V_bEvd0Uy8xg4DIZV9KIls0OWOmSB2SXZPRhsI6YEpkXvq2WlBWkSysFafdAi18ERflxI&sig=Cg0ArKJSzG_Hg8wdIydGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zY290aWFiYW5rLmNvbSxodHRwczovL2RlbWRleC5uZXQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=668&cbvp=1&cstd=665&cisv=r20240129.36938&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 01 Feb 2024 09:29:13 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 01 Feb 2024 09:29:13 GMT
c37dae4c-52fd-4ad3-88ca-c021b15c7905
https://www.tuasaude.com/
241 B
0
Other
General
Full URL
blob:https://www.tuasaude.com/c37dae4c-52fd-4ad3-88ca-c021b15c7905
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b8b16f32c5a471d7aac969d8678784b1be8df6bfe3e0c0f7a77c0d3f196c7b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2FBF
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 23:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
36712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jan 2025 23:17:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A915
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96131507&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
abb677394abc430b543d796a61cafc336d88007be430f1fc53f5093ceaa5a605

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 01 Feb 2024 09:29:12 GMT
content-length
1736
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame E882
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=94e2f529-4f50-40c3-b075-fb9a159cfa99
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TB001AZ6GMX9Y7B9PBPC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E882
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.214.126.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-126-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
date
Thu, 01 Feb 2024 09:29:13 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame E882
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OTRlMmY1MjktNGY1MC00MGMzLWIwNzUtZmI5YTE1OWNmYTk5
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.214.126.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-126-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:13 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E882
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=49f87a43-78fa-092d-149a-1ea19858fb7c
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=49f87a43-78fa-092d-149a-1ea19858fb7c
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.214.126.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-126-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:13 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 01 Feb 2024 09:29:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=49f87a43-78fa-092d-149a-1ea19858fb7c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/sync/ Frame E882
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=94e2f529-4f50-40c3-b075-fb9a159cfa99&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=94e2f529-4f50-40c3-b075-fb9a159cfa99&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sharethrough&bsw_param=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&google_hm=MmE2NmM2MWMtMmRiMy00YjlmLTg0ODMtYzI5MmViNWN...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEA9hf1WWuXlLCgUgMlblF6U&google_cver=1&ssp=sharethrough&bsw_param=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.214.126.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-126-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Thu, 01 Feb 2024 09:29:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame CE46
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4403aa17a6898022bf1f51f2cf57da5e70cc8f0457730e34d313b91f492be0d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 09:29:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2024 14:58:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19730
Connection
keep-alive
Content-Length
10921
Expires
Thu, 01 Feb 2024 14:58:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FBF
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzkOXZ2S7ZdmDI9a9jvQP_vqRqAsAAAAAOAHgBAI&bg=!nZ6lntHNAAa8BdJLnAU7ADQBe5WfOAHQ3dJiNT3GWOuWz5wu58VOX-m23_RhcM70tYPjirCpMNPJuQSxOtGvXdFNbourAgAAAFVSAAAAAmgBB5kDTQRv3A639wKxdsapKsv-1Xcq3q9d_AqCZMggpdcPvChHRLE2abiAPpkuGylIutZt8VlgaNw0g8VrluEZ9CfOu4qtySnlCaEYClNH3TyQh5Y2omBZXYvb-8I3S0VHpmz5bhG56O6sunf6KZ8h7fxQUlF55vf8DCbGGAH3Xh9SwtujLAtpjjcH_Lzb7KRSCqc77CFLQTfh4W-qIBqcM3GVk7GANd5tjr1ormgA3Nmn8IJNa_Wz1nwIF9lAzHPLbaq269coCijUqpDCC5VToeiKYkX73bBEmMJgiooiXkMx1EvlZ7GKUiLl3GpuV3JuAMuS-AS7UiduuUEL0I9jdbdy3YUPijxgNzq_Um4p4jdun34RsPYX3qFQ9EcsiGWemCDGC_Gmq_VJNHWuO1JlkqnmTVK02Lx7CkPpRgqWwRbXD1V4gF0UuFEiQxValq7KbmksR6W-EcgGs472NqFL_0YjasjNLp1Mty2scS6l4ig5g4b06I8Neb2MCwICl441YvD-70wGHOiqyjt_4Q1x3FLeH8A2HRSyXDG0ZXeypiblB_huAxk0dKkvuZ72PpUa5JQjawh8daJMoHdftfTbp-CDBK6f8oGrGr6kmu3tUHUrW_eGfxF5OzjkVRo2GBEOmaNCtCTsrbbmK82iEWW6K-XNIGXMYPWfs3RptJYePbnQ6bTtduVob2i-qo5i6vAbP3NHE9mwRGJvvcz_xpm2AreGOiPXkgJe8HJs9Fn1QthWHDxEvlhtETjh-DgZdkzSyvbltjXITKBeJHqMBue2eXP_pB1V5KOCKmBFblfS7632Wdqk99LnMugEHXFG1VZyR78xR22lCkiUTR8tTPkJfaU0i0hfNfan3EGDsE5PtjZZ_0wV1GpKV3tuOK0ofsp_1vMH9sHUDXQD5xGNpmFhKQ3GZJcZ_9U4QK3eqwAcqUiuhjbFFqAfVGUj7UwooZmtvW8Hvxz1vqWxGL6Q4zJYl_l7gUf0eTKwAtGmskqcY0uqQCDsT3wtDOokP13zThEuhUkWtQBxwniBtJgW6nILuqd2f0bbrOGwbq4Fe2p7stSVK_KFNKWbRSDXLpHr1L1a7fwpARtCqw62RTeuvnnrWsqSSgyfHkCtLiS_byYby943
Requested by
Host: cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D0C8
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZbtkaF9CnZ6y1-4kVLU8egAADuEAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N7NMGWSXBZWZ33H7FTE4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D0C8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&expiration=1709371753&gdpr=0&gdpr_consent=
0
0

ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame D0C8
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZbtkaF9CnZ6y1.4kVLU8egAA%263809&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZbtkaF9CnZ6y1.4kVLU8egAA%263809&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1157609403214f4db7a9111a8604c80b
  • https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=c8ab20e8d968bc912f3965a8327879c8&lc_sha1=a157568fff57e49c6d1502661b07b920b71f9506&lc_sha256=203dda47d3eaced2b662e5f4f7a25ed70d18795c80515...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=c8ab20e8d968bc912f3965a8327879c8&pt=1&dpn=2248&dpt=a157568fff57e49c6d1502661b07b920b71f9506...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=c8ab20e8d968bc912f3965a8327879c8&pt=1&dpn=2248&dpt=a157568fff57e49c6d1502661b07b920b71f9506...
43 B
942 B
Image
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=c8ab20e8d968bc912f3965a8327879c8&pt=1&dpn=2248&dpt=a157568fff57e49c6d1502661b07b920b71f9506&pt=1&dpn=2270&dpt=203dda47d3eaced2b662e5f4f7a25ed70d18795c80515a0a7aa5e4c7f97386b5&pcid=IFo5APZHuBsBWGRkR42ZdOx3&ckls=true&ci=T2Wl4nxbnE&nc=false&trid=52314636-278b-457f-9161-682958068472
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
3.161.213.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-118.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:16 GMT
via
1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Fh-wUd9V-a-uGlQAy8W0f9XCPI8D80Sqsm2cely1YgKShtP2XD5BvQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
via
1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=c8ab20e8d968bc912f3965a8327879c8&pt=1&dpn=2248&dpt=a157568fff57e49c6d1502661b07b920b71f9506&pt=1&dpn=2270&dpt=203dda47d3eaced2b662e5f4f7a25ed70d18795c80515a0a7aa5e4c7f97386b5&pcid=IFo5APZHuBsBWGRkR42ZdOx3&ckls=true&ci=T2Wl4nxbnE&nc=false&trid=52314636-278b-457f-9161-682958068472
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
y4J9vxyktp2X4NqLtqnWEbptXd8xjrZOeJVClKmvUokXlzg-Mm3_dA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D0C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZbtkaF9CnZ6y1-4kVLU8egAADuEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC9cH1yPk0wYNoVEPMVoP48&google_cver=1
43 B
536 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC9cH1yPk0wYNoVEPMVoP48&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly%2FyBOiy%2Bh29fhh8ob50YoI3s0nGw0RZI8heL3gVURniDAesyzitxH0kCGZ%2F2VyxybXpYuWvBhK4wmgD%2FrDmmzEX2rBuenUSdDoSRmFfTkig4YHjGm94gPVIH49pndq9hnS85S3SKB1cgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e92b3389d95479-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC9cH1yPk0wYNoVEPMVoP48&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D0C8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=525832562408744480
43 B
328 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=525832562408744480
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbeKYl3NswB4qvtOYKxgqA47MwqHUSzNsEvkI9IVEEAfvWf1yC2VBtQgjYJnXBgvPk2HgHQzd5rayJ%2FM0pmL555Xd66YsJUZPe%2FlQGy11xLI6t6CMAvkGTK1k%2FW6ZurzExWcYMgBjCLX7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e92b33d93036c8-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
an-x-request-uuid
80e816e0-78ae-41e8-978f-911a9cb5be9c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=525832562408744480
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZbtkaF9CnZ6y1-4kVLU8egAADuEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D0C8
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZbtkaF9CnZ6y1-4kVLU8egAADuEAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:83b2:f27c:d7f2:6412 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame D0C8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=THuLu0x63-BXKtvvT3vE6hl52-hXL43rSywWoUiG
43 B
772 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=THuLu0x63-BXKtvvT3vE6hl52-hXL43rSywWoUiG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usT%2B%2BmcdD%2FBAiDAGavINmhYlsYin4JN5y4PxkWDwbbDd36%2BrTve9BvZ0DdKc1vy7zufPrw0Xl62SK7pm%2FhHrBqm2HBOB2OPRDGwes2Xz0tUhTu7cmj6v%2BlCEaEg3rFZq5rSa970qr5BvbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e92b36fdf739dd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=THuLu0x63-BXKtvvT3vE6hl52-hXL43rSywWoUiG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D0C8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=eWKhpx5YUWtHALyFbQLb_aYAzQQ
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=eWKhpx5YUWtHALyFbQLb_aYAzQQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVBnwgVBrHk3T7mmvIhjuVei9SH2bqghwWFtowaIa3L%2FCU9IlpLBwm7zszIFMJKjpL%2BGE8IOvb7RpiRrofNLTw%2Fcu9wE58Gb2jghw6oeYXPcfIbSc6XTxuXGYmaLoTPgG1uixj3m9NAN%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e92b389f4339dd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=eWKhpx5YUWtHALyFbQLb_aYAzQQ
Date
Thu, 01 Feb 2024 09:29:14 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame D0C8
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZbtkaF9CnZ6y1-4kVLU8egAADuEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EMNQ75YP51Z2BCY9CHGQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4F88
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=df4df303-d614-8f3a-913f-ba7cfaa092f4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W5YVWCRXWVCQZSYTWCRN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
135ce93a-5a12-a689-60e6-2e1e6dc4945d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4F88
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/135ce93a-5a12-a689-60e6-2e1e6dc4945d?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:83b2:f27c:d7f2:6412 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 4F88
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=df4df303-d614-8f3a-913f-ba7cfaa092f4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1KVE63YHB1ZM1JPEA5SR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4F88
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=879b8f7e-cabe-34c0-5131-38eb92935914&gdpr=0&gdpr_consent=
date
Thu, 01 Feb 2024 09:29:13 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4F88
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWJmNDVjYjQtMDNjOS02YTY0LTQ0ZDEtNjI1MjU4NzE5Nzc0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4F88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJy6gLx5UyTF06bqqhAf1xA&google_cver=1
43 B
163 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJy6gLx5UyTF06bqqhAf1xA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJy6gLx5UyTF06bqqhAf1xA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3a504e68.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
984 B
1012 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/3a504e68.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6800769c94bb6c61478754ac50e07bccab7ecdb2c23a548c1b88d56926d7f1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
984
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
9d5c08a2.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
22 KB
22 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/9d5c08a2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac537c1338bd86914f498cbd9be53afdc02e07fd8ef8f3763b0769f0711e3880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 01:42:44 GMT
date
Thu, 01 Feb 2024 01:42:44 GMT
x-content-type-options
nosniff
age
27989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22446
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
5778058f.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
20 KB
20 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/5778058f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fad5650fd3478296dc04517547d09245fa2cf5b1a77123ebeac0869e66326c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20708
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
440038af.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
30 KB
30 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/440038af.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4c1e88d8441244b84105fd9409e29323b5b10d63c1b0a960fe1bbd70d6472f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30445
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
910eb65d.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/910eb65d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbd295cef378a24e5ee2c7afbad7403ce7ba94f2739948588185360e509bb150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8169b5c2.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/8169b5c2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc2fef80255af53882a3f45528b25df68edcaf99aecd36fe33db811b4cc7254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
f8758345.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/f8758345.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f0a6ade003597c5d2fcf7c6a8d37832d186af1d447a379b7a14a90752f278d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10096
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
9c666995.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/9c666995.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46e514dcf05baf3b1f7479aab9eafc1a4a9bbca66dc5b1078b8c6b339af91ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3956
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
565c04fc.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/565c04fc.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6f768e09d7cbf7b01c8ca8ceba2fe5ecfa8e085093eb5496cffd7ad380d80f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 01:42:44 GMT
date
Thu, 01 Feb 2024 01:42:44 GMT
x-content-type-options
nosniff
age
27989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
e8fae1d1.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/e8fae1d1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75314c825d5ffb0c101df1e3746c54d0445152cbca2c850ad224b9b5aff7fc72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:28 GMT
date
Thu, 01 Feb 2024 07:15:28 GMT
x-content-type-options
nosniff
age
8025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3120
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
29cbb31d.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/29cbb31d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f33dab1f24e5f1ec10057e559f6ee242f32ec18536d2f73a27ae3df10dc4f86a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:29 GMT
date
Thu, 01 Feb 2024 07:15:29 GMT
x-content-type-options
nosniff
age
8024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5176
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c90563f8.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/c90563f8.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a6ebb4518836d555784198267dca7de180f0609ef867c693c729abe0855301d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:29 GMT
date
Thu, 01 Feb 2024 07:15:29 GMT
x-content-type-options
nosniff
age
8024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3342
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6a5f9d91.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/6a5f9d91.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c44de879982d22a7af446036bf4f9076fe101a861bf28bc3d4a519e846ed732f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:29 GMT
date
Thu, 01 Feb 2024 07:15:29 GMT
x-content-type-options
nosniff
age
8024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6066
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ae828946.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/ae828946.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63d8142c6bb5b436123f6da5581948c2e1c68ed85ba9d533c34e47b70afc2ddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 01:42:44 GMT
date
Thu, 01 Feb 2024 01:42:44 GMT
x-content-type-options
nosniff
age
27989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2915
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
51701f7d.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/51701f7d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf41c0ad17b574c12f3064a4dbab3b1ae4394cdb3b80498674180ef4b5f37150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:29 GMT
date
Thu, 01 Feb 2024 07:15:29 GMT
x-content-type-options
nosniff
age
8024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5428
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b6293dca.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/b6293dca.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e3e3afeb810f4956781e00e559550988d43b941fa4940d30d5909b24903c36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:29 GMT
date
Thu, 01 Feb 2024 07:15:29 GMT
x-content-type-options
nosniff
age
8024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1223
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3bf59b16.png
s0.2mdn.net/sadbundle/4842514163848708096/images/ Frame A157
2 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4842514163848708096/images/3bf59b16.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb6f61653ede2f77a88607da92a849534562afef43a8ae0b28fdfdb1e3dc311a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4842514163848708096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 07:15:29 GMT
date
Thu, 01 Feb 2024 07:15:29 GMT
x-content-type-options
nosniff
age
8024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:24:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtset
bh.contextweb.com/bh/ Frame 710B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=WEJRTGNTRkVPMXJGdjI5d0lBRUlUQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDSBYiq76fhpi8qDffnCpfM&google_cver=1
49 B
805 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDSBYiq76fhpi8qDffnCpfM&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-9k2d6
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDSBYiq76fhpi8qDffnCpfM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 710B
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=5a200f0083a1162&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAG71FAtdubuwNZvvU0AAAAAAA&expiration=1706866154&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
841 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAG71FAtdubuwNZvvU0AAAAAAA&expiration=1706866154&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-9k2d6
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAG71FAtdubuwNZvvU0AAAAAAA&expiration=1706866154&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 710B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr_in_effect=0&gdpr_consent=
49 B
893 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-9k2d6
expires
-1

Redirect headers

date
Thu, 01 Feb 2024 09:29:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341&gdpr_in_effect=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 710B
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=sWhHaNZoZyfL&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H85KNE4XN80R33ASXZ02
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 6D5F
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst9SzDsrA6YvSHfV3z0VTBS5OxzKanEolcW7cRo-aiUDG_ef1AdrNVxFSBEHRBvLHjMm0-BZLdeGC3fvyW4LL40P0E40qsh7p03idjHgXBopdTGmkb04D0PQ6L_wY5bIsTDdciQAI5A8BQngOM5dLAGOtW3PUK9ZxRo55Hwp0bVtoHWD4wMeaKm_w7VqjdwyVs6Or-WzBgd7GNCxre7T72gEv-Duy9oz3LSaOX2O_EeYbUDlS0RTC88_LNYQzPiPz2s1-JoRCWPVlrIqFrykf4dEqJrh7f1g1DzXtZgblG6QETDt-Oq309FjEbHMcWUPchXOmBHBOe-2Igo_JT8-oQDrLnMZgSrpvypzhEKogMXuWmybSvLT1MvkS3gwz_sPhyL9zoGnNq03SBHdBnenyF4i3s6jO-UfOIVsQVEeUFClPGC1vkyG9gd8NHrk1LCo2mij1Z3Al3h1oSuv5Y169x__XOOoBVJw8unYzK5TRNQddvBrQzyNykNM1yHRmBgBw-cmhRGofmCgzd_0-YFV1Gh0jZ93xhSq3plhSUBaGRwOJNOLF2j1IuH2kdZwZoVdmfeclhC86ctyzAB8vCOoSvQkG8XmbcJPdOdpvprLeuU8H3191ItfQcZD8f55mMq4cLGkJ9_mTK10A5LkWcECR5RZ0k50DS21kiNOz0DcR2oSGE0FZtp-IAKi2ylMgzS89ABsKghojL-xy2vsrz_LPY4ONXwFR6bFuVEiX8Tenl4rXtfviNgZp8dHPefs7EFF7yuDDmlZOFGAPMRcL0mCR3T5XNmm2XkeMHT7ejg3bidFf1vTIgADxNObyFx64rD81y-0uK9QmFxFud51SKEYMxhoGZVtYtSypEHCPM9gOdSA6BqMEep4GbxYpnAUPvqGqZTyh9GWtXyT0gv_PuWZtLRO1Au6tFYcVdRJ62X88TQE9gv-4MI4uBYsEbSwqfnt5Cay6e_zovEctBuhLDF7ZHZCibYbdCRtIjrnhjEWGbf1R9tozwBqWEO72S03UUloICIOmSUz0aYX1xIHMpEpoxSSBVc-qzaJ7Gx0Bfry6S1BMQS3pcEFWaAG_iETNLi8eJmNMjsnXvYLJLcb7aEVxuexBdaZdE5wIx52pH1x4ZhuioI-qgBRLdNmv_Rv_MTeYUvhFSt4Ywh7qE7PG5lkEbaKS6QGmUs0VUFIDJFeLVNQeRaB1m59JlEML0sDPvfNFfu7EJpe79dV2itMPqz9mi7CmqyWocrJsH4I5Qq9BApw65JLGw6HuX3keI3nDh4rFRVyZJpx-kI4p6XoqratcuqVYxfD1Fdy1ccpkotgYNmc4I1deFqD8nllHWIf2fex5eyIuxnaXqZnnpEcRZTmzwfGzDhfX2lo44b8AXgPMCAJIC7bmtDeN0fEd2bqwVzaO1L8BHP51hUPUO0ZdwYZTTvjDP4ttNReYc-CQXIq4BI8Jvwl7xaSpxH6sU15U30pafbXGr16W-8TMHzFehULJA&sai=AMfl-YRGmKIEJs15Qq1xGIq2kGr90ri7rHE4vnoqnYQPiYJONa8xPujHmO-BP2bF62eR_YTuK8AXrpDRPsdP3G1pqAGiSghE32BPZU5xnTE7EdvsjIJnFNwP_yUnM_NnpSckIQDPG9Rl7x78NcLGnVR-9lCFZRkaltxy5VnkWYTgYLernU0pMHFhIGePFjwbA9fa83b_VJisbKNmYiJy9ZRg3FromlUQa-yaXlz00OBqFTgRLyKMwardsW8d3aEFthSYIcgvt3NSGBbjh5Bj9ZmjyNozgAlUrZsJKSoALj78nuEymzxlo0GhJ7O1DSxuo57JzY_bnRuGKOTxjNjS1zAy5nn4vr4A2agZ4df5EWDrGf9V_bEvd0Uy8xg4DIZV9KIls0OWOmSB2SXZPRhsI6YEpkXvq2WlBWkSysFafdAi18ERflxI&sig=Cg0ArKJSzG_Hg8wdIydGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zY290aWFiYW5rLmNvbSxodHRwczovL2RlbWRleC5uZXQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1647&vt=11&dtpt=979&dett=3&cstd=665&cisv=r20240129.36938&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Feb 2024 09:29:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6D5F
42 B
121 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv31C34xGeh95dEbXUgeV-zGNGol9JrBV7qDIyY1GN4RBZ1k71OL1XRq5S2hihyxUntOtzWljis7XODH0vYpKKf1MfWI6qFQ6-rQf2PnWn_-RwRNOuzGCUHUIRcmeAOveYZHsH_KBPjb7vjLuTqNcUncDpA&sai=AMfl-YRVv2YyErVuzs97KdYgOmS_gGyaPdGltqPumxzf686ZDuIhbPTcB5rBZg_5Oj4DkTHtj2otVRY7DVtIcqKMruCw-qfxkMkL4-th2O0wj_glL3yO_wCuZqvaIU8&sig=Cg0ArKJSzLU4Kbs-ji2VEAE&cid=CAQSOwAvHhf_gFLZdW9D525ZXNtTCBnLO-yKU2CNRKRDkiBTs8dPFgK0XDWQKjDQVdfg5d7O4Dx6ZLoku882GAE&id=lidar2&mcvt=1006&p=0,0,90,728&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2709258452&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=271255200&rst=1706779752128&rpt=657&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame CE46
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
dcm
s.amazon-adsystem.com/ Frame 3B90
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 01 Feb 2024 09:29:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ME351GC100M1NMS9NTA1
ecm3
s.amazon-adsystem.com/ Frame A856
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 01 Feb 2024 09:29:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
R99BANTYG5NSYXE278W8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A915
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C13SF7H7S6OPP7j2SxY2ng%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:14 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=69589
accept-ranges
bytes
content-length
5622
expires
Fri, 02 Feb 2024 04:49:03 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame A915
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2d811491-3403-4dc5-9367-a948602b734a%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=2d811491-3403-4dc5-9367-a948602b734a%2C%2C
95 B
431 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=2d811491-3403-4dc5-9367-a948602b734a%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&ttd_puid=2d811491-3403-4dc5-9367-a948602b734a%2C%2C
date
Thu, 01 Feb 2024 09:29:14 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame A915
0
0
Image
General
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%200B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame A915
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEI1REQyMTctQjFGQi00QkEzLThGM0YtQjhGNjRCMTYzNjlF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 01 Feb 2024 09:29:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVekcuTpBc-lgfGWfaj5A8&google_cver=1
42 B
344 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVekcuTpBc-lgfGWfaj5A8&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVekcuTpBc-lgfGWfaj5A8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:49BAECB5249A4B74B3D94B2820C391F5
42 B
323 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:49BAECB5249A4B74B3D94B2820C391F5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 01 Feb 2024 09:29:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:49BAECB5249A4B74B3D94B2820C391F5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 31 Jan 2024 09:29:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
42 B
542 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=
date
Thu, 01 Feb 2024 09:29:14 GMT
server
Kestrel
content-length
355
0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A915
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:83b2:f27c:d7f2:6412 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ecm3
s.amazon-adsystem.com/ Frame 41EF
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=IFo5APZHuBsBWGRkR42ZdOx3&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4NJM3EY0TAZTAF3HQZDC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 41EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=525832562408744480&gdpr=0&gdpr_consent=
43 B
626 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=92&3pid=525832562408744480&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
34.200.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-162-145.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
an-x-request-uuid
b38183fb-3a4d-4b87-b514-eb96ff5cdaed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=525832562408744480&gdpr=0&gdpr_consent=
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 41EF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=aea435a7-180a-4199-bdf7-aedae9b0669c
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=aea435a7-180a-4199-bdf7-aedae9b0669c
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
34.200.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-162-145.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=aea435a7-180a-4199-bdf7-aedae9b0669c
date
Thu, 01 Feb 2024 09:29:15 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 41EF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=sWhHaNZoZyfL&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
623 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=sWhHaNZoZyfL&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
34.200.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-162-145.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:14 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=sWhHaNZoZyfL&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-9k2d6
expires
-1
merge
ce.lijit.com/ Frame 41EF
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LS30LJR6-1Z-BJML&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LS30LJR6-1Z-BJML&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
34.200.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-162-145.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LS30LJR6-1Z-BJML&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
krshme82.gif
us.ck-ie.com/ Frame 41EF
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=krushmedia&user_id=52cd0cb0-9f66-5a9e-bc72-ec6f5759964b
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=krushmedia&bsw=2a66c61c-2db3-4b9f-8483-c292eb5cc82a
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=krushmedia&bsw=2a66c61c-2db3-4b9f-8483-c292eb5cc82a&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NjJmOTRmNjE2Njg5NTZkYw&gdpr=&gdpr_consent=&us_privacy=&ssp=krushmedia&bsw_param=2a66c61c-2db3-4b9f-8483-c292eb5cc82a
  • https://cs.krushmedia.com/e08dd6156d5e964da4fe396e97a25abc.gif?puid=2a66c61c-2db3-4b9f-8483-c292eb5cc82a
  • https://us.ck-ie.com/krshme82.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=52cd0cb0-9f66-5a9e-bc72-ec6f5759964b
42 B
432 B
Image
General
Full URL
https://us.ck-ie.com/krshme82.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=52cd0cb0-9f66-5a9e-bc72-ec6f5759964b
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
8.2.108.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:17 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:16 GMT
Server
nginx
Location
https://us.ck-ie.com/krshme82.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=52cd0cb0-9f66-5a9e-bc72-ec6f5759964b
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
ecm3
s.amazon-adsystem.com/ Frame CE46
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LS30LJAZ-1F-7RX9
  • https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
79ZY93K6YBFE3A7C46DB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
setuid
px.ads.linkedin.com/ Frame CE46
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS30LJAZ-1F-7RX9
0
517 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS30LJAZ-1F-7RX9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B472DFBCFC7E4E61928F6C620B514F1F Ref B: YTO01EDGE0507 Ref C: 2024-02-01T09:29:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQTqEKIzJQ9qDArOz7aQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS30LJAZ-1F-7RX9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CE46
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aBsfFVHZTKywTpLXEL9Slg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aBsfFVHZTKywTpLXEL9Slg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aBsfFVHZTKywTpLXEL9Slg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7R76VKNHDXPKG6JPDH5P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aBsfFVHZTKywTpLXEL9Slg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CE46
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SfC2UFO98nB8S4zJk93gtcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1Hezxs5E2oLaQRA60Ae571BY7SCP_Zt.TjfRww--~A
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1Hezxs5E2oLaQRA60Ae571BY7SCP_Zt.TjfRww--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 01 Feb 2024 09:29:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1Hezxs5E2oLaQRA60Ae571BY7SCP_Zt.TjfRww--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame CE46
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=&expires=30
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=935aafec-4bc0-4340-8a19-bd7f02a666a6&gdpr=0&gdpr_consent=&expires=30
date
Thu, 01 Feb 2024 09:29:14 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame CE46
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxODc1NzIyNjFiMmI3ZDA1YzdlMWFkNTU3MmM3MDUwZTNkOTY5OA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxODc1NzIyNjFiMmI3ZDA1YzdlMWFkNTU3MmM3MDUwZTNkOTY5OA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxODc1NzIyNjFiMmI3ZDA1YzdlMWFkNTU3MmM3MDUwZTNkOTY5OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CE46
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
96295PDAM701SQ3NNT5T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS30LJAZ-1F-7RX9&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CE46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDZxinx0GjO0hlrVX_7xBCI&google_cver=1
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDZxinx0GjO0hlrVX_7xBCI&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDZxinx0GjO0hlrVX_7xBCI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame CE46
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 09:29:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MWTCK4APCKPHVBWME49N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE46
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMzMExKQVotMUYtN1JYOQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENu0eAdUiS28cKsF02ONE5A&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMzMExKUjYtMVotQkpNTA==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMzMExKUjYtMVotQkpNTA==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMzMExKUjYtMVotQkpNTA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CE46
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADWmU7LdskAABMbCN2CHw&expires=30
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADWmU7LdskAABMbCN2CHw&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADWmU7LdskAABMbCN2CHw&expires=30
Date
Thu, 01 Feb 2024 09:29:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame CE46
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS30LJAZ-1F-7RX9
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS30LJAZ-1F-7RX9
43 B
1 KB
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS30LJAZ-1F-7RX9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2600:9000:2073:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:17 GMT
via
1.1 d5710f445906ae917df909d01c495c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
sccWFU3Mv8kEgK3jxB_ASZFcgil1op42yBGQwYFIcp328QLt2KAbJw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:15 GMT
via
1.1 28f481302befff8459645b5750f67a86.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD66-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS30LJAZ-1F-7RX9
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ob2-eJ5O_rjjQKLpNRSrWxsQXVa-zCi_8ivWoPlkimDAZX4LBVagLA==
cksync
hb.yahoo.net/ Frame CE46
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS30LJR6-1Z-BJML&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS30LJR6-1Z-BJML&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1hQzY2bnA5RTJ1RXpIZDFjblVCWTJqNnRiZUFfT2pweH5B&ovsid=LS30LJR6-1Z-BJML&dpid=58160
57 B
650 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1hQzY2bnA5RTJ1RXpIZDFjblVCWTJqNnRiZUFfT2pweH5B&ovsid=LS30LJR6-1Z-BJML&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.40.207.42 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 01 Feb 2024 09:29:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 01 Feb 2024 09:29:16 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1hQzY2bnA5RTJ1RXpIZDFjblVCWTJqNnRiZUFfT2pweH5B&ovsid=LS30LJR6-1Z-BJML&dpid=58160
date
Thu, 01 Feb 2024 09:29:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
capi.connatix.com/us/ Frame CE46
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LS30LJR6-1Z-BJML&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LS30LJR6-1Z-BJML&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LS30LJR6-1Z-BJML&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.18.41.104 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84e92b4a2dc936ff-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 01 Feb 2024 09:29:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LS30LJR6-1Z-BJML&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84e92b48aca736ff-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame CE46
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS30LJAZ-1F-7RX9
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS30LJAZ-1F-7RX9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.214.126.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-126-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:16 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS30LJAZ-1F-7RX9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
merge
ce.lijit.com/ Frame CE46
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LS30LJAZ-1F-7RX9
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LS30LJAZ-1F-7RX9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.200.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-162-145.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:16 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LS30LJAZ-1F-7RX9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
Expires
0
setuid
ib.adnxs.com/prebid/ Frame CE46
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS30LJAZ-1F-7RX9
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS30LJAZ-1F-7RX9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:16 GMT
an-x-request-uuid
80bf8f83-6ee5-40ca-b69c-78a77de57eb3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS30LJAZ-1F-7RX9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame A915
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame A915
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46973741&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
401b21044c57b66122ccd86dbef85bd0b6089ec1ba77157747ef13ac4bec92b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 01 Feb 2024 09:29:15 GMT
content-length
1597
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame D0BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=525832562408744480&gdpr=0&gdpr_consent=
42 B
296 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=525832562408744480&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 01 Feb 2024 09:29:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7b6fac38-9c94-48c3-9b43-82fd2ea8d89a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 09:29:16 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=525832562408744480&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
cookie-sync
match.prod.bidr.io/ Frame D1E0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEV21VN0xkc2tBQUJNYkNOMkNIdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AADWmU7LdskAABMbCN2CHw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
0
0

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 1F3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbtkbAABn5lYuwAg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 01 Feb 2024 09:29:17 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4575-YYZ
x-timer
S1706779757.403747,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 01 Feb 2024 09:29:16 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZbtkbAABn5lYuwAg
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4575-YYZ
x-timer
S1706779757.929223,VS0,VE20
ecm3
s.amazon-adsystem.com/ Frame 995B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 01 Feb 2024 09:29:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PP1S7C6GXFH3F40F7HQA
insync
thrtle.com/ Frame A915
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3ba50b95-95ad-4ce1-bfa3-6e5593618ddc
43 B
295 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3ba50b95-95ad-4ce1-bfa3-6e5593618ddc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.235.77.155 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 01 Feb 2024 09:29:17 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3ba50b95-95ad-4ce1-bfa3-6e5593618ddc
date
Thu, 01 Feb 2024 09:29:17 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame A915
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame A915
43 B
359 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.246.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:17 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame A915
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.97.47 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 01 Feb 2024 09:29:16 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Bp_PKgJE2uUmQKesg.fUNZkkcftZ0cE-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Bp_PKgJE2uUmQKesg.fUNZkkcftZ0cE-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:29:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Bp_PKgJE2uUmQKesg.fUNZkkcftZ0cE-~A&gdpr=0
date
Thu, 01 Feb 2024 09:29:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2f15aa26-92b4-4adc-a698-dbc5c1764a93&gdpr=0&gdpr_consent=
1 B
236 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2f15aa26-92b4-4adc-a698-dbc5c1764a93&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 09:29:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2f15aa26-92b4-4adc-a698-dbc5c1764a93&gdpr=0&gdpr_consent=
Date
Thu, 01 Feb 2024 09:29:17 GMT
Connection
keep-alive
X-CI-RTID
01ddf435-1445-4e1f-9f3d-baea180a8836
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8820268196091734302&gdpr=0&gdpr_consent=&us_privacy=
1 B
218 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8820268196091734302&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 09:29:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8820268196091734302&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 01 Feb 2024 09:29:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VJN3X16J7Y&gtm=45je41v0v897582120&_p=1706779748806&gcs=G111&gcd=11t1t1p1p5&npa=1&dma_cps=-&dma=0&tcfd=1000g&gdid=dMmY1Mm&cid=1136395905.1706779750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=3&sid=1706779749&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=ad_impression&ep.query_id=CJnTtYbqiYQDFdaegwgdfn0EtQ&_et=1616&tfd=9820
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tuasaude.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 09:29:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tuasaude.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=935aafec-4bc0-4340-8a19-bd7f02a666a6&expiration=1709371753&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| objectToFormData object| googletag object| ads object| options number| useAmazonMultiFormatAds boolean| isMobile object| googleAds object| amazonAds function| showad object| apstag object| ajax object| backoffice function| createStore object| googleAdsRefresh function| recaptchaCheck object| tsReCaptcha object| utils object| FormValidations object| quizStarter function| hj object| _hjSettings object| crossDataLayer object| tsDataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager function| pintrk string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| d number| n number| refreshRate number| refreshMinimumVisible number| refreshMinimumVisibleContinous string| refreshMaximumProgression number| refreshMinimumScrollStill number| multiplier boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| gaplugins object| gaGlobal object| gaData function| CookieScript object| dataLayer function| gtag string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ODMwYzA1N2NjYTU2OTRlY2xvYWRlcl9qcw== string| ODMwYzA1N2NjYTU2OTRlY2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API number| google_unique_id object| tagConfig object| pdKeyObject boolean| 04a1dc03-c345-4776-af5e-9abadce324fb boolean| google_empty_script_included

117 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgASDw2eVdUNEggKBgiTARCMFw
.tuasaude.com/ Name: _gid
Value: GA1.2.1663641267.1706779750
.tuasaude.com/ Name: _gat_UA-130025901-22
Value: 1
.tuasaude.com/ Name: _ga
Value: GA1.1.1136395905.1706779750
.tuasaude.com/ Name: _ga_KMLKQF5N2B
Value: GS1.1.1706779749.1.0.1706779749.60.0.0
www.tuasaude.com/ Name: CookieScriptConsent
Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_user_data":"targeting","ad_personalization":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}
.tuasaude.com/ Name: _pin_unauth
Value: dWlkPU1ESXlPVEF3WlRJdE9HTTVZUzAwTTJRMkxUZ3lOalV0WkRBNVlXTmtZV1UyTUdNeA
.pinterest.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn37nlN-HiEa_sj705jkXHirmdPPZonHxo6p1-NLzkBFK0L4xn_3jaLjzMJ4zM
.tuasaude.com/ Name: __gads
Value: ID=09caa24749b9a4c1:T=1706779751:RT=1706779751:S=ALNI_MYO06BYbxUuJtSV95KwkcDftB8YrQ
.tuasaude.com/ Name: __gpi
Value: UID=00000a0a66699bb9:T=1706779751:RT=1706779751:S=ALNI_MZ1gNg56-B0ElAiUnCZ8FqTleVygw
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZleXFCa2YzalNZdWxPWkF2V2pBU2pqYStwNVhZdFJxSFhNYmZvWW5ZaHRhWW0zVU04c3Q5WXlGQlR4eTBpN1NDOWwxRGN2MUl1V2tPaVBOTk9KK3c5TFlsMjJaWWh2WEZYYTlLS0YrRnJEUT0mUFNVdkJueW5CUldxNFdWaUY3eXRIajZLbXVvPQ=="
.tuasaude.com/ Name: _ga_VJN3X16J7Y
Value: GS1.1.1706779749.1.0.1706779751.58.0.0
.tuasaude.com/ Name: _ce.clock_event
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: AyJC4hSo20q9jvRbuZz3P94
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tuasaude.com/ Name: FCNEC
Value: %5B%5B%22AKsRol__Up4pbzh3h2pNz-eU8x9JQEPGFzEzRw_h91_IrC8_-1HAooKQnrMl1XhwJInOc1RWu3i64G1UfIhD7K34PliFMWHTAd4qQICgM1ez6gHAr72QxZisDNOG4NsEFpaY-HLnYWvQhedAQ7Rcihi12QF9haJudg%3D%3D%22%5D%5D
.tuasaude.com/ Name: _ce.clock_data
Value: 151%2C166.0.205.4%2C1%2C09dd4f7e094d0daae996260c074cbdea
.tuasaude.com/ Name: cebsp_
Value: 1
.tuasaude.com/ Name: _ce.s
Value: lcw~1706779752899~v11.cs~436597~v11.s~5c519130-c0e4-11ee-96a9-312d918a84f9~lcw~1706779752900
.smaato.net/ Name: SCM
Value: 7610120411
.smaato.net/ Name: SCMaps
Value: 7610120411
.openx.net/ Name: i
Value: 5437b027-6339-0b37-0be7-f003f6b46ae9|1706779752
.yahoo.com/ Name: A3
Value: d=AQABBGhku2UCEJInRkmDiLGHw-dj1scT77kFEgEBAQG1vGXFZdxZ0iMA_eMAAA&S=AQAAAghBGeZAmDXGuYZS-ixXrWo
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.mediago.io/ Name: __mguid_
Value: 09dd4f7e581e03f12x7ikv00ls30lhwt
.simpli.fi/ Name: suid
Value: 49BAECB5249A4B74B3D94B2820C391F5
.smartadserver.com/ Name: pid
Value: 4248769777910856124
.zemanta.com/ Name: zuid
Value: nwi0pDfVBtfy8QsdOEzQ
.sharethrough.com/ Name: stx_user_id
Value: 94e2f529-4f50-40c3-b075-fb9a159cfa99
.openx.net/ Name: pd
Value: v2|1706779753|vMgavPkWgy
.contextweb.com/ Name: V
Value: sWhHaNZoZyfL
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 513b585de6980205
.3lift.com/ Name: tluid
Value: 322994420782635318201
.adingo.jp/ Name: ID
Value: d1cdb0c5e8de4f778d96474084289ab9
.media.net/ Name: visitor-id
Value: 3497813537034006000V10
.media.net/ Name: data-g
Value: CAESEDtxucwYEgvqjibfZZpS5l0~~3
.adnxs.com/ Name: XANDR_PANID
Value: 7QbhdEiSsg8rPh-Lj-Ksr_B24YGTkYqQCWiYW_0IQ0B9N5g_q9n6uh3XDqGlgLl8spQw0NR4yjOPsZ605Rd07XEDLePkxjytumP-2JXEj80.
.adnxs.com/ Name: uuid2
Value: 525832562408744480
.yandex.ru/ Name: yuidss
Value: 5606030061706779753
.yandex.ru/ Name: yandexuid
Value: 5606030061706779753
.casalemedia.com/ Name: CMPS
Value: 3806
.tribalfusion.com/ Name: ANON_ID
Value: a8ntuJw5EGiAaINQfTsPVNwhLFe2UeLPgVMBFUWDYG1WF28cATMtF1SohP9MZbeHnZaHJN3NfySaQWQS1Tmc1QEJKi
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.demdex.net/ Name: demdex
Value: 09045649034869678044209367568300571168
.scotiabank.demdex.net/ Name: scotiabank
Value: 09045649034869678044209367568300571168
.adsrvr.org/ Name: TDID
Value: 935aafec-4bc0-4340-8a19-bd7f02a666a6
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0B5DD217-B1FB-4BA3-8F3F-B8F64B16369E
.quantserve.com/ Name: d
Value: EFUBDQGFK7jvsQA
.quantserve.com/ Name: mc
Value: 65bb6469-d2655-3c721-ad21b
.lijit.com/ Name: ljt_reader
Value: IFo5APZHuBsBWGRkR42ZdOx3
.bidswitch.net/ Name: tuuid
Value: 2a66c61c-2db3-4b9f-8483-c292eb5cc82a
.bidswitch.net/ Name: c
Value: 1706779753
.openx.net/ Name: univ_id
Value: 537072971|935aafec-4bc0-4340-8a19-bd7f02a666a6|1706779754104410
.liadm.com/ Name: lidid
Value: 11576094-0321-4f4d-b7a9-111a8604c80b
.dotomi.com/ Name: DotomiTest
Value: 5a200f0083a1162
.bidswitch.net/ Name: tuuid_lu
Value: 1706779754
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjKxVLIyNDcwt7SwNDY10VGyMEblGxoYoSkwR%2BVbosjXAgC04hDN
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7962a1a7-1e58-516b-4700-bc856d02dbfd.Tw%2BgFhS8In5UKjFy4ynad1tzMaqi7aCvAO764WX9R5o
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7962a1a7-1e58-516b-4700-bc856d02dbfd.Tw%2BgFhS8In5UKjFy4ynad1tzMaqi7aCvAO764WX9R5o
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AeWKhpx5YUWtHALyFbQLb_aYAzQQ.YeW%2FxOOtm%2Bkqv5cGLarkf%2FDwJYHs1v3C0m3lQ4IXHFQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AeWKhpx5YUWtHALyFbQLb_aYAzQQ.YeW%2FxOOtm%2Bkqv5cGLarkf%2FDwJYHs1v3C0m3lQ4IXHFQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJ85bsj6fwdS3p5jkthfJEE2gxZPmW3l2NserUFwPyYSEHwYBCDqyO2tBjABOgQ7vvenQgR4EvtP.ex0ZzonOQ%2BHQ9X1q%2BCajESOTnhoQa7INMrYY8mgMEwE
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJ85bsj6fwdS3p5jkthfJEE2gxZPmW3l2NserUFwPyYSEHwYBCDqyO2tBjABOgQ7vvenQgR4EvtP.ex0ZzonOQ%2BHQ9X1q%2BCajESOTnhoQa7INMrYY8mgMEwE
.sitescout.com/ Name: ssi
Value: 623434d3-9858-4572-b7e5-dd150750dd4b#1706779754290
.lijit.com/ Name: _ljtrtb_92
Value: 525832562408744480
.lijit.com/ Name: _ljtrtb_49
Value: sWhHaNZoZyfL
.sitescout.com/ Name: _ssuma
Value: eyIyNyI6MTcwNjc3OTc1NDYxNywiMzkiOjE3MDY3Nzk3NTQ2MTcsIjciOjE3MDY3Nzk3NTQ2MTd9
.tapad.com/ Name: TapAd_TS
Value: 1706779754554
.tapad.com/ Name: TapAd_DID
Value: 2d811491-3403-4dc5-9367-a948602b734a
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFVekcuTpBc-lgfGWfaj5A8&KRTB&23025-CAESEFVekcuTpBc-lgfGWfaj5A8&KRTB&23386-CAESEFVekcuTpBc-lgfGWfaj5A8
.pubmatic.com/ Name: PugT
Value: 1706779754
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:49BAECB5249A4B74B3D94B2820C391F5&KRTB&23486-uid:49BAECB5249A4B74B3D94B2820C391F5&KRTB&23489-uid:49BAECB5249A4B74B3D94B2820C391F5&KRTB&23539-uid:49BAECB5249A4B74B3D94B2820C391F5
.mfadsrvr.com/ Name: tuuid
Value: aea435a7-180a-4199-bdf7-aedae9b0669c
.mfadsrvr.com/ Name: c
Value: 1706779754
.krushmedia.com/ Name: krm_usr
Value: 52cd0cb0-9f66-5a9e-bc72-ec6f5759964b
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-935aafec-4bc0-4340-8a19-bd7f02a666a6&KRTB&22918-935aafec-4bc0-4340-8a19-bd7f02a666a6&KRTB&22926-935aafec-4bc0-4340-8a19-bd7f02a666a6&KRTB&23031-935aafec-4bc0-4340-8a19-bd7f02a666a6
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjkk5mYycTRPBAFEhYKB3J1Ymljb24SCwia2IWhycTRPBAFGAEgAigCMgsI8Imcxd_E0TwQBTgBWghwdWJtYXRpY2AC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!777
.mfadsrvr.com/ Name: tuuid_lu
Value: 1706779755
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1706779755
.lijit.com/ Name: _ljtrtb_87
Value: aea435a7-180a-4199-bdf7-aedae9b0669c
.lijit.com/ Name: 3pids
Value: 8100:c8ab20e8d968bc912f3965a8327879c8,,a157568fff57e49c6d1502661b07b920b71f9506,,203dda47d3eaced2b662e5f4f7a25ed70d18795c80515a0a7aa5e4c7f97386b5,,
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_83
Value: LS30LJR6-1Z-BJML
.casalemedia.com/ Name: CMID
Value: ZbtkaVB9m3c7.WwQstJupgAA
.casalemedia.com/ Name: CMPRO
Value: 1411
.linkedin.com/ Name: bcookie
Value: "v=2&983b9417-bf11-4be7-8f25-9ca0df4204d2"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3166:u=1:x=1:i=1706779755:t=1706866155:v=2:sig=AQEkkP5E9kxUR7Pngwex4WCbYQmMSFf8"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: bd8b207cd261647c3f4ae1ead55d12db
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEqxSDIyME9OMTIzNDMxTzZOM0lMNUxNTDE1TTE0SkliAILU3SnZIBoKAGcsC1I%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3Z2SDaSgAAAYYAHw"
.intentiq.com/ Name: intentIQ
Value: T2Wl4nxbnE
.intentiq.com/ Name: IQver
Value: 1.9
.rubiconproject.com/ Name: khaos
Value: LS30LJAZ-1F-7RX9
.bidr.io/ Name: bito
Value: AADWmU7LdskAABMbCN2CHw
.bidr.io/ Name: bitoIsSecure
Value: ok
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pg4|2N.0.AAAG71FAtdubuwNZvvU0AAAAAAA|3oy.0.623434d3-9858-4572-b7e5-dd150750dd4b-65bb646a-4341|4is.0.CAESEDSBYiq76fhpi8qDffnCpfM|7TY.0|7dW.0.1
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.intentiq.com/ Name: IQPData
Value: 2785070340#1706779756044#0#1706779756044
.intentiq.com/ Name: intentIQCDate
Value: 1706779756045
.intentiq.com/ Name: IQadv
Value: 1706779756045
.rubiconproject.com/ Name: audit
Value: 1|2oQA6JwJ5gFvBVqMncTdjK82qNFHrEQvu7lghNHtK8IQ1nTWsk2hDdBsr0LS6admuBzG+BcfeIvqFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: ljtrtb
Value: eJwVyzEOwjAMQNG7eK4lJ3ESm5GpqgIDDJWyuTQVGwNTVXH3hvU%2F%2FQNY4QLf%2BT3avX7qvhUYQH1v0UcJPibPJJmZhbpI6FKegcr0SOgqXqfb%2F5DcuzXjEC2jEzJkp4rLumW0tlrThVLSF%2FxOWGwciw%3D%3D
.lijit.com/ Name: _ljtrtb_80
Value: LS30LJAZ-1F-7RX9
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2E>9nuKNd!]tb$8i_iqf!oN/@E'zz<*Z0Q<._+OjEZ0kT!tAmZb8jKQh+5E%ZzBC0k5#?TD._*Pl[h>o'uTXn^*dj5I*)uIkEJ*JSR+]QUijB#([#<>w-/6b5u+6
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxTMzBMSkFaLTFGLTdSWDkiLCJleHBpcmVzIjoiMjAyNC0wNS0wMVQwOToyOToxNloifX0sImJpcnRoZGF5IjoiMjAyNC0wMi0wMVQwOToyOToxNloifQ==
sync-dmp.mobtrakk.com/ Name: pid
Value: NjJmOTRmNjE2Njg5NTZkYw
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1707955200%3A263_262_261_260_259_201%7C1706832000%3A248%7C1707350400%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1707955200%3A13_250_166_22_220_21_54_71_104_3%7C1707350400%3A223_2
.primis.tech/ Name: csuuid
Value: 65bb646c50e41
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2gi9:18vk~2gi9:19e0~2gi9:18z8~2gi9"
.krushmedia.com/ Name: krm_r
Value: 572|339

2 Console Messages

Source Level URL
Text
security error URL: https://cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=190868996&d_campaign=29828495&d_placement=365566471&d_site=3375178&d_aid=6105106&d_bust=2895251668' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%200B5DD217-B1FB-4BA3-8F3F-B8F64B16369E&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
an.yandex.ru
analytics.google.com
ap.lijit.com
api.intentiq.com
assets-tracking.crazyegg.com
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
cada46c81b254ce9478a55ebdcede2e3.safeframe.googlesyndication.com
capi.connatix.com
cc.adingo.jp
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
crb.kargo.com
cs.krushmedia.com
cs.media.net
ct.pinterest.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fundingchoicesmessages.google.com
geo.cookie-script.com
googleads.g.doubleclick.net
hb.yahoo.net
he.lijit.com
i.liadm.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.pinimg.com
s.tribalfusion.com
s0.2mdn.net
scotiabank.demdex.net
script.crazyegg.com
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
static.hotjar.com
static.tuasaude.com
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.bfmio.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.srv.stackadapt.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
tracking.crazyegg.com
tuasaude.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
us01.z.antigena.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.temu.com
www.tuasaude.com
x.bidswitch.net
dsum-sec.casalemedia.com
match.prod.bidr.io
104.18.36.155
104.18.41.104
104.36.113.107
104.36.113.112
107.23.6.4
151.101.130.49
172.253.62.157
172.253.63.149
172.64.151.101
18.235.96.255
184.84.136.23
188.226.136.4
198.148.27.131
20.121.97.20
2001:4860:4802:34::181
207.198.113.87
213.19.162.80
23.105.14.101
23.193.120.208
23.39.185.6
23.40.207.42
23.50.125.215
2400:52e0:1a00::1069:1
2600:1f18:4e9:5a07:83b2:f27c:d7f2:6412
2600:9000:2009:d000:1a:5235:f980:93a1
2600:9000:2073:8a00:1b:6b7d:2300:93a1
2600:9000:215f:d800:1b:5138:8a40:93a1
2606:4700::6812:18ad
2606:4700::6813:9408
2606:ae80:1450:16::2010
2607:5300:203:437::
2607:f8b0:4004:c06::66
2607:f8b0:4004:c06::95
2607:f8b0:4004:c07::69
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c19::84
2607:f8b0:4004:c19::8b
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::9a
2620:112:f002:bbbb::21
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2a02:6b8::90
2a04:4e42:79::84
3.129.86.126
3.161.212.32
3.161.213.118
3.161.213.18
3.162.3.18
3.162.3.96
3.18.9.101
3.214.126.113
3.33.220.150
34.111.113.62
34.200.162.145
34.200.65.202
34.204.246.215
34.233.79.12
34.235.77.155
34.98.64.218
35.194.66.159
35.207.24.140
35.208.249.213
35.211.178.172
35.71.139.29
40.76.134.238
44.198.88.161
44.216.238.183
5.161.187.67
52.46.130.91
52.55.97.47
52.7.200.174
52.87.115.253
52.95.125.22
54.146.37.4
54.161.125.195
54.192.51.57
54.192.51.94
54.230.49.33
68.67.160.132
69.173.151.100
70.42.32.191
8.2.108.194
8.2.110.134
8.28.7.84
8.43.72.97
00e055020368816daf8c19674e3d5e109ea891718d2b2f833777ee3fdc90a338
00e766390b8dac53213575375ac0a9d5d2db8de96af998570b7c82b276ea4666
029548e6933ae9083b9be422ed6f21b9c6f492d7f1649df1b04a6fbd64f9e425
0357553d29e095108429cd116b9a07a2e50a7f24228acc5f11f8ab4032323d23
0422cbacbda7a913a58ccacd095653c2948be84dd7786a3bc33075fad99e0a94
042b7d00ca0f379dbbb7481252f962201031a0f2dc9799527d7d136a12546ae3
04473f08a550c0b8b92ea45ea1007d2a5c47d9a11c80d0091eb55983ad6143d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db140656425451b7a0dc41ba473789d24ef841fcfb3dd3768d4e66be077ad4a
0ea5d5b963a524c63f0060d4481921b45a93f73fd826f58d4cbefb3740f3a02f
0feb535616a6ad1e694fbb599d9f9b311ae3a0a83351489679b4f615fe38889d
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17a2c8839c06eff676ed0fdd505723cb7bd5315b5e6aa91bee364fe8e1a4b610
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a6ebb4518836d555784198267dca7de180f0609ef867c693c729abe0855301d
1ca974f6ef834764cabf96a57be6a0a2c73ecc84aec3f65e4042535ccb9fe62a
1e3e3afeb810f4956781e00e559550988d43b941fa4940d30d5909b24903c36f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21c5ec67ba1bad191886f86a9ff26d695e5947256d85e466159a81ab87883262
25788721fd0396ed6c4037d6031619f4516d0b7014f4a1d8ff87e72e831dba45
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
30f3d85b576477b20a3c14a04b2a2e0ff421e05a116fc5e4c9b5c07c54a3bf38
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325280478007a0dae5311804afa6b94e7d31b766da3392658403c074f6c79ba2
33ede053d1bfa921c3b4fc4fe6aff4e660632b8f008cbae4c09997f94e82e7a7
3655530d4f9d9fd5a26b438174ae835607e9f8b5a037a0030d76090565517f26
36eca59a20fd826ca7e79c3a4c51de839b9e5b774b6f6662d6e2c53fb3b5b18f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
382b24ad719e3498fbfa6097e755f424f2a54c3ec3dd779802e76fa07c1360f2
3a0789ead2b2e18b2e26385e69821ff4e5b7be1a68bd5ed41e63046951008eb4
3b4da84cd97e5f50e5836241ca182b802c8a50cc9a267833aae22d3167b00c52
3d4c99cc1a41d123c79d56e45e09a4c4fefdf057188c31519a53891f99fa2120
3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401b21044c57b66122ccd86dbef85bd0b6089ec1ba77157747ef13ac4bec92b0
4170fcbc3da033feb8aff5893a0de7e01eb21602022c03281000478f0c862f59
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4403aa17a6898022bf1f51f2cf57da5e70cc8f0457730e34d313b91f492be0d5
45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e514dcf05baf3b1f7479aab9eafc1a4a9bbca66dc5b1078b8c6b339af91ba8
47d24db335482f177a1e8b3263c3f96be06366a1a307503e60c555d32ab2d937
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8b16f32c5a471d7aac969d8678784b1be8df6bfe3e0c0f7a77c0d3f196c7b8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9e9b49b3150784d7ed7f1f12094309babd4950d74d868de13ffcec06b4bedd
4f0774541d8c5075dfef4b5d9c5a9781dee68fb8452ecd9e3b36ba774ca1a590
51c26a4edf83b71291b96f28986daca11436ea7bcb5fa634dc8e306eb85bf2bf
5375d866257acc6b4eefbc17a3dff56e6533f4666d1ddf82bd41da0873c8d179
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
590ec920f36aa1901c72013f82a86891dcf6584db069e3900104456f0f9ae1d7
592427bb157b1bfad216acd68f53d12420908b817d1fe0a88d645d9dd5a8ace5
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6130b0b996b9206b3a3a3882177a56f3b11aa70074feb1a6a9367539bccbfee6
633c70ffd8ecbb4b8f9905cf1948b910fed8b6b1bb1ddee8721d52d4e98d3acb
63d8142c6bb5b436123f6da5581948c2e1c68ed85ba9d533c34e47b70afc2ddf
6672c66da37c824863f5c87967540777ffc1043f7c9f4aa49c4605cb0e98fa87
670c1134d0415d8b8ca194eada70d7769e5f7b672abead1f5109b192e6d7d6be
6800769c94bb6c61478754ac50e07bccab7ecdb2c23a548c1b88d56926d7f1de
6afd7d1b8256961098a3b36843d8ba6cc8846d0d5fd3d120f49090cb8b81483e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ad294d31414d322c34bc442f77da851847ebd0a44b5d867e06358783d5653
6da79300102cf0298246c53fa6a72b5d526c1ff506733cf537ea5889ce17e8d4
6ee04346ea6d6b67889969ec6ad3e62c3f0a3c6139417e3bd6fa40b15e63d46b
72eca2dc8243007f7ecc2329b5a32a9a6c3dd1d18dbfa78069776f84d86bd810
73580c7d0159344bf2d1ef7474a9e961996f4aab94b38f28f84c0024a8440d56
74f14362693befca74ad6882a3e6f048743408b954813c1c3498a2e95004d135
75314c825d5ffb0c101df1e3746c54d0445152cbca2c850ad224b9b5aff7fc72
7611d2c5603f8d7109b7af8494acbe4b7a47351494046907088e73fbd9cd0afc
7985d75dbaeedfa0494d934b3d3754602e5b2c345d2a68c0dc680cc974a61029
7af97b8b19167a608044fccb672e2fd97a4ec50492691839752b46d91c2cec5d
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
82d4ec3522b13392f7ec804249564b8c72704d0ffe94ceb7b2d056b5d67cec27
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
85f1c7c65fbe92b8f19ef6bebb0425531282059c70bda2b3761921a34f666e60
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8a80115655540371008b6a7960f27aa57af11e9082b4547902918e4f27f47260
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
93bdb3f5a6a46c705613077b00b0fa5bd61898c8e84949fc65eb70d4c07281b2
9413ed6eba1ed22c87cc0f2c93632ad8fd673ff6c22c67a017107ced5c6e0326
974e7726b5f9671b9a1bdb1c14e9cc52f41f12d5a7adb35aa2547ecc3b120fd2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fad5650fd3478296dc04517547d09245fa2cf5b1a77123ebeac0869e66326c6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4f0a6ade003597c5d2fcf7c6a8d37832d186af1d447a379b7a14a90752f278d
aa2bab1d6453ef28754df24807c2d48cd309f311a30d609d9123644e502f8046
aace7956dd8e29280f2d8c46b39d938b9607d1443b68cbc7d00f35fa10c406a9
abb677394abc430b543d796a61cafc336d88007be430f1fc53f5093ceaa5a605
ac537c1338bd86914f498cbd9be53afdc02e07fd8ef8f3763b0769f0711e3880
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4289fc38477e0b9a16f4f7fa3c6a2cfef39bcb6f09d163f4150f8c09400dbd0
b8e0f1aa064e3b0bbfeee299209852b47bc75ffda2deb453591da930b3c8f8a0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bedfa12913a6487557445a837e0b2711473b76c454614371985251fcfec6ce13
bf41c0ad17b574c12f3064a4dbab3b1ae4394cdb3b80498674180ef4b5f37150
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44de879982d22a7af446036bf4f9076fe101a861bf28bc3d4a519e846ed732f
c7dadce1106c1f8289bb8620173727c0385fedba8681b4e93bacb4b7ef173b80
c8ffd0483cb87037b735d0a28e75da79edcb55040c39936d5e62ef206e8da38e
ca3d2caaa7e2036445ed39e948a6f1e7e4aebcaeab56cacf632c07d991f97a59
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb261abb3b3ece858b03bd5516db8887467b20515195ca15bd3a7020ebbfff09
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cfc2fef80255af53882a3f45528b25df68edcaf99aecd36fe33db811b4cc7254
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0a9573ec0ff3170d5c1823ace7d1e4da3a9ead553899bac177f5765672a7517
d0dd723d13f2ae375d25a3b2e5c305b07e5e657db2c118b950e4161eb94c35ca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df17aec2792d6f1fd1772dbfc95577c98f2bcac431441afad7720b6fe6a44ae4
df6083bf3cb678020b164c4604c4022c7477463f5d7d04f791d696a3cf947cbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9a00a25b65067adc3188475b310d848aa3b84f67d0b309007d7249622e40070
eb4c1e88d8441244b84105fd9409e29323b5b10d63c1b0a960fe1bbd70d6472f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec60bd8c0ab96c9df66c498adc2c85dec31f9e076d988dc76db98684c32c73a0
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed145e651386bef987a862bb9cef6e110decf46bc12e00d0e1298c31672113bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f2a9b86980722fa3b606ea43a4d9f580df159a769620f5735eb7c45a4dcf24c1
f33dab1f24e5f1ec10057e559f6ee242f32ec18536d2f73a27ae3df10dc4f86a
f4d82d03b6a5353fb476c5f3f66f83f3cb3b4c95ec06771f1d0433756c233dd7
f6f768e09d7cbf7b01c8ca8ceba2fe5ecfa8e085093eb5496cffd7ad380d80f0
fb6f61653ede2f77a88607da92a849534562afef43a8ae0b28fdfdb1e3dc311a
fbd295cef378a24e5ee2c7afbad7403ce7ba94f2739948588185360e509bb150