urlscan.io logo urlscan.io
SecurityTrails logo

vymaps.com Open in urlscan Pro
148.72.210.237  Public Scan

Go To Rescan Add Verdict Report
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Submission: On March 18 via api from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 12 countries across 50 domains to perform 248 HTTP transactions. The main IP is 148.72.210.237, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is vymaps.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 18th 2021. Valid for: 3 months.
This is the only time vymaps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 148.72.210.237 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
2 2600:9000:218... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 2001:978:2:2c... 174 (COGENT-174)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.196.233.38 16509 (AMAZON-02)
26 142.250.185.162 15169 (GOOGLE)
10 78.140.185.32 35415 (WEBZILLA)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 185.184.8.30 204995 (RTB-HOUSE...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 37.157.4.24 198622 (ADFORM)
3 213.19.147.210 3356 (LEVEL3)
7 51.38.120.206 16276 (OVH)
6 15 185.33.220.242 29990 (ASN-APPNEX)
3 178.250.0.165 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 33 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 104.108.144.214 16625 (AKAMAI-AS)
3 104.108.144.200 16625 (AKAMAI-AS)
3 185.64.189.115 62713 (AS-PUBMATIC)
4 4 213.155.156.184 1299 (TELIANET ...)
11 185.64.190.80 62713 (AS-PUBMATIC)
2 178.250.2.151 44788 (ASN-CRITE...)
14 14 142.250.186.34 15169 (GOOGLE)
1 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
2 169.50.137.190 36351 (SOFTLAYER)
4 5 37.157.2.235 198622 (ADFORM)
11 185.64.189.110 62713 (AS-PUBMATIC)
4 4 63.32.128.23 16509 (AMAZON-02)
3 3 185.29.133.199 30419 (MEDIAMATH...)
3 3 52.28.120.199 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
5 5 52.214.70.9 16509 (AMAZON-02)
1 1 185.86.139.115 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 51.210.112.63 16276 (OVH)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 151.101.14.49 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.197.210 14061 (DIGITALOC...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
248 60
4    148.72.210.237 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-148-72-210-237.ip.secureserver.net
vymaps.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:206f:800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:2182:f600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2001:978:2:2c::172:d (United States)

ASN174 (COGENT-174, US)
www.openstreetmap.org
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a04:4e42:1b::729 (United States)

ASN54113 (FASTLY, US)
tile.openstreetmap.org
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
stat.optad360.mgr.consensu.org
26    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
www.googletagservices.com
googleads.g.doubleclick.net
10    78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro
serving.stat-rock.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
7    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
15    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
googleads.g.doubleclick.net
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
33    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
pagead2.googlesyndication.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4002:801::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a00:1450:400a:8::7 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
r2---sn-1gieen7e.googlevideo.com
1    2a00:1450:4001:53::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednek.googlevideo.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:400c:c1b::65 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
8    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    213.155.156.184 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
14    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
4    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
5    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
11    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    63.32.128.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-128-23.eu-west-1.compute.amazonaws.com
match.adsrvr.org
3    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    52.28.120.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-120-199.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
5    52.214.70.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-70-9.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
1    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
Apex Domain
Subdomains		 Transfer
45 googlesyndication.com
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
551 KB
42 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
131 KB
41 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
201 KB
28 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
425 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
64 KB
13 openstreetmap.org
www.openstreetmap.org
tile.openstreetmap.org
53 KB
10 stat-rock.com
serving.stat-rock.com
96 KB
8 adform.net
adx.adform.net
c1.adform.net
3 KB
7 onetag-sys.com
onetag-sys.com
4 KB
6 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
1 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
306 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 ampproject.org
cdn.ampproject.org
98 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 vymaps.com
vymaps.com
9 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 googletagservices.com
www.googletagservices.com
99 KB
3 google.com
adservice.google.com
www.google.com
696 B
3 1rx.io
tag.1rx.io
801 B
3 creativecdn.com
prebid-eu.creativecdn.com
516 B
3 optad360.io
cmp.optad360.io
get.optad360.io
295 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 everesttech.net
sync-tm.everesttech.net
724 B
2 avct.cloud
ads.avct.cloud
894 B
2 simpli.fi
um.simpli.fi
1 KB
2 youtube.com
s.youtube.com
2 googlevideo.com
r2---sn-1gieen7e.googlevideo.com
r2---sn-4g5ednek.googlevideo.com
721 KB
2 criteo.net
static.criteo.net
51 KB
2 google.ch
adservice.google.ch
2 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 quantserve.com
pixel.quantserve.com
543 B
1 onaudience.com
pixel.onaudience.com
400 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 contextweb.com
bh.contextweb.com
814 B
1 smartadserver.com
rtb-csync.smartadserver.com
762 B
1 ytimg.com
i.ytimg.com
8 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 jsdelivr.net
cdn.jsdelivr.net
948 B
1 consensu.org
stat.optad360.mgr.consensu.org
286 B
1 googletagmanager.com
www.googletagmanager.com
38 KB
0 googleadservices.com Failed
www.googleadservices.com Failed
248 50
Domain Requested by
28 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
vymaps.com
16 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
vymaps.com
15 ib.adnxs.com 6 redirects get.optad360.io
acdn.adnxs.com
14 cm.g.doubleclick.net 14 redirects
13 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.gstatic.com
www.googletagservices.com
11 simage2.pubmatic.com ads.pubmatic.com
image6.pubmatic.com
11 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
10 serving.stat-rock.com get.optad360.io
vymaps.com
8 ads.pubmatic.com get.optad360.io
ads.pubmatic.com
8 tile.openstreetmap.org vymaps.com
7 googleads.g.doubleclick.net
7 www.gstatic.com dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
7 onetag-sys.com get.optad360.io
5 match.prod.bidr.io 5 redirects
5 c1.adform.net 4 redirects image6.pubmatic.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 www.openstreetmap.org vymaps.com
www.openstreetmap.org
4 match.adsrvr.org 4 redirects
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 csi.gstatic.com imasdk.googleapis.com
4 dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
4 fonts.googleapis.com vymaps.com
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
4 vymaps.com vymaps.com
3 x.bidswitch.net 3 redirects
3 sync.mathtag.com 3 redirects
3 mwzeom.zeotap.com ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 acdn.adnxs.com get.optad360.io
3 encrypted-tbn1.gstatic.com dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
3 encrypted-tbn2.gstatic.com dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
3 encrypted-tbn0.gstatic.com dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
3 encrypted-tbn3.gstatic.com dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
3 www.googletagservices.com securepubads.g.doubleclick.net
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 bidder.criteo.com get.optad360.io
3 tag.1rx.io get.optad360.io
3 adx.adform.net get.optad360.io
3 hbopenbid.pubmatic.com get.optad360.io
3 prebid-eu.creativecdn.com get.optad360.io
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 um.simpli.fi ads.pubmatic.com
image6.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 dis.criteo.com image6.pubmatic.com
2 s.youtube.com blank
2 static.criteo.net get.optad360.io
static.criteo.net
2 imasdk.googleapis.com serving.stat-rock.com
imasdk.googleapis.com
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 adservice.google.ch securepubads.g.doubleclick.net
imasdk.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 get.optad360.io vymaps.com
get.optad360.io
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 gum.criteo.com static.criteo.net
1 r2---sn-4g5ednek.googlevideo.com
1 r2---sn-1gieen7e.googlevideo.com 1 redirects
1 i.ytimg.com
1 www.google.com dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
1 s0.2mdn.net imasdk.googleapis.com
1 cdn.jsdelivr.net get.optad360.io
1 stat.optad360.mgr.consensu.org get.optad360.io
1 stats.g.doubleclick.net www.google-analytics.com
1 cmp.optad360.io vymaps.com
1 www.googletagmanager.com vymaps.com
0 www.googleadservices.com Failed
248 80

This site contains links to these domains. Also see Links.

Domain
www.google.com
w3w.co
www.facebook.com
Subject Issuer Validity Valid
vymaps.com
cPanel, Inc. Certification Authority		 2021-01-18 -
2021-04-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.openstreetmap.org
R3		 2021-03-13 -
2021-06-11		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tile.openstreetmap.org
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
stat.optad360.mgr.consensu.org
R3		 2021-02-27 -
2021-05-28		 3 months crt.sh
serving.stat-rock.com
R3		 2021-02-14 -
2021-05-15		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018		 2019-01-11 -
2021-04-11		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
onetag-sys.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.google.ch
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-03-11 -
2021-05-20		 2 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh

This page contains 29 frames:

Primary Page: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Frame ID: F12D4EC4A268C830F5AEE6EAB54B5470
Requests: 74 HTTP requests in this frame

Frame: https://vymaps.com/jcl-342/j43/2b1569cdb2/BR-19339109/
Frame ID: 140DB9DB17033BD0B2DD26D8C3F4E628
Requests: 1 HTTP requests in this frame

Frame: https://www.openstreetmap.org/export/embed.html?bbox=-46.687517%2C-23.573159%2C-46.685517%2C-23.575159&layer=mapnik&marker=-23.574159%2C-46.686517
Frame ID: 76D248F5C287CC40D693CE6BAB059EAC
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: BF0FDDBBEE14B5EEB590F1810C55E0E0
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7CD3AE4B5A9F965A91D18F189BB2738C
Requests: 1 HTTP requests in this frame

Frame: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 74D8DACD61AF444A08279CDBD2D7B50C
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 797BF2C316935E323B4743894C5724C7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=vymaps.com
Frame ID: EAC9AE1E92764E65F89D6FE519B1775B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: A80091AB8E16B1F99C8E55CF019B7C3D
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 3545CA23C556F2A16FC55E63F8531D5C
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44729226&el=adunit&cpn=rXp-5YgnZysnzII7&docid=i53AjFqkSic&ver=2&cmt=0.193&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fvymaps.com%2F&len=21.060&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=19&rtn=10
Frame ID: 8BCB83FC31B4D8D04CD3762818A70DA0
Requests: 1 HTTP requests in this frame

Frame: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 5821E315A2A4275AB1B3680D8E0A2BF9
Requests: 32 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 36D2DC4372646D6D4EC9CC103559D758
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1616096632634
Frame ID: 1F994335D8A105F294AB63CB5E6F4B33
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 164EF6F60060FAD70A7A554396FC1028
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 83DD8C96069855A01F24BF7FE980B282
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1721A05089A52FCF415633B83895ECED
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1616096632652
Frame ID: 09C2FB984CDB2EAA7494661E57D731D2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1616096632635
Frame ID: CAA8C236FE1327EC31C7862CA6EBB03E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0F5958CCA4306316483D3A9609043606
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7EC2A65CABFD9B2A4638C4D014E4B98F
Requests: 16 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5284218716346721713
Frame ID: BE4AB4AB9CB211236DC9B9ED05829404
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EA2997267649E4DBD5F2D925E96F6D46
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=06B97C60-4211-473D-A6AA-B7992F841E06
Frame ID: E44F1096C0121A4E30559B9DF8DE4972
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVYU7Ap1sAABVreCjpVw
Frame ID: 304F78CDA91F0F43B6B6002E8881C531
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941082211690543257
Frame ID: EF6843AB0511871D07F7F664B1BC967F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4420371981592730093
Frame ID: 99E2F18572102DED43F6E0974F046F67
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9A9CA20C659494EECFF86C5EF39987F3
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.176&rtn=20.000&ns=yt&fexp=44729226&el=adunit&cpn=rXp-5YgnZysnzII7&docid=i53AjFqkSic&ver=2&cmt=10.176&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fvymaps.com%2F&len=21.060&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 1ACF4268AA25534C0B205113D6226CBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

248
Requests

99 %
HTTPS

50 %
IPv6

50
Domains

80
Subdomains

60
IPs

12
Countries

3186 kB
Transfer

6531 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://r2---sn-1gieen7e.googlevideo.com/videoplayback?expire=1616125433&ei=ea1TYMzaFM_K1gKp1afwCw&ip=185.156.175.187&id=8b9dc08c5aa44a27&itag=22&source=youtube&requiressl=yes&mh=sn&mm=31&mn=sn-1gieen7e&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.130&lmt=1612700569107278&mt=1616096460&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP0Whv74tjGG3TfgEbfnGrTzVTH15u2gVTYeua2kM3cjAiEA9EqOuKOau54AGrY6GvqE9O24y4eD_3Nv7AgwfZE1o-c=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgFhqRtyYqJ6qX0p-mps42HIV7sv7yXPWX8xV0fih3Gh0CIHarf9wQ6tsWXmJNkO7uXaSTeAyT7_dsQqt1Q36LMiBF&cpn=rXp-5YgnZysnzII7 HTTP 302
  • https://r2---sn-4g5ednek.googlevideo.com/videoplayback?expire=1616125433&ei=ea1TYMzaFM_K1gKp1afwCw&ip=185.156.175.187&id=8b9dc08c5aa44a27&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.130&lmt=1612700569107278&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP0Whv74tjGG3TfgEbfnGrTzVTH15u2gVTYeua2kM3cjAiEA9EqOuKOau54AGrY6GvqE9O24y4eD_3Nv7AgwfZE1o-c=&cpn=rXp-5YgnZysnzII7&redirect_counter=1&rm=sn-1gies7l&req_id=b43f603a584436e2&cms_redirect=yes&ipbypass=yes&mh=sn&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednek&ms=au&mt=1616096460&mv=m&mvi=2&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgN3nEBkSTAm61lEqUzsjMsqazGXxC6EaoQvRGfPcG5ZkCIEvmCa9-fM9WbRVWXs4PaV74lmSTYvXy0zYHy_2A4S3r
Request Chain 179
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDH-PuvLhCgBhigBjIIWRPH1URgOt0 HTTP 301
  • https://tpc.googlesyndication.com/simgad/17271363063767141871
Request Chain 199
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 200
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 201
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 202
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5284218716346721713
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Brl8YEIRRz2mqreZL4QeBg%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Brl8YEIRRz2mqreZL4QeBg%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 206
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=06B97C60-4211-473D-A6AA-B7992F841E06&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=06B97C60-4211-473D-A6AA-B7992F841E06&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 207
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=06B97C60-4211-473D-A6AA-B7992F841E06&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=06B97C60-4211-473D-A6AA-B7992F841E06&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=06B97C60-4211-473D-A6AA-B7992F841E06&addseg=31
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDZCOTdDNjAtNDIxMS00NzNELUE2QUEtQjc5OTJGODQxRTA2&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDZCOTdDNjAtNDIxMS00NzNELUE2QUEtQjc5OTJGODQxRTA2&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKa24CV-2eDfvRfjMiWPtsY&google_cver=1
Request Chain 211
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1642447523310932682
Request Chain 212
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c28e7aeb-01ee-4a51-a3a9-a80e6e872286
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&gdpr=0&gdpr_consent=
Request Chain 214
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3592681305984275541&gdpr=0&gdpr_consent=
Request Chain 215
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=e66cfc78-072c-4f5d-ab67-7d0c9cf0d2c3&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db63e6b7-f7c5-4625-8cea-61b7a9026ace&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 226
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVllVN0FwMXNBQUJWcmVDanBWdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABVYU7Ap1sAABVreCjpVw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2993226759592927215 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABVYU7Ap1sAABVreCjpVw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D2993226759592927215%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=2993226759592927215&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABVYU7Ap1sAABVreCjpVw&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVYU7Ap1sAABVreCjpVw
Request Chain 227
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941082211690543257
Request Chain 228
  • https://pixel.onaudience.com/?partner=214&mapped=06B97C60-4211-473D-A6AA-B7992F841E06 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=faa625f8ab3016fa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=833ee649-4a7d-4c15-7639-3c76d8613a2d&reqId=ab264912-914a-4f1d-7486-6846a95e26f8&zcluid=faa625f8ab3016fa&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMp6ZbQqRZOvAqEucsk4fL0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=833ee649-4a7d-4c15-7639-3c76d8613a2d&reqId=ab264912-914a-4f1d-7486-6846a95e26f8&zcluid=faa625f8ab3016fa&zdid=1332
Request Chain 229
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2b126053-ad7b-4100-9bf3-e59bae5074c8
Request Chain 231
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06B97C60-4211-473D-A6AA-B7992F841E06&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06B97C60-4211-473D-A6AA-B7992F841E06&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RAuJy7NE2uWZ3eoNd7zkFtMmyGdBUss-~A&gdpr=0&gdpr_consent=
Request Chain 232
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf
Request Chain 233
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFOtfwAAAHnOfVZV HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFOtfwAAAHnOfVZV&gdpr=0&gdpr_consent=&_test=YFOtfwAAAHnOfVZV
Request Chain 234
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2539042921190263156&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 235
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b46025a3-6bdb-4112-af0c-5b6a57957b54&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 236
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b4a1c601-896d-408e-9deb-e72b0506ac92-6053ad7f-4348&gdpr=0&gdpr_consent=
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIKq6QnPM0XQDwitsXb9OMg&google_cver=1
Request Chain 245
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4420371981592730093
Request Chain 246
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8977510431312260086
Request Chain 247
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c44303c-4762-4e20-a8c6-e5666b90c8cf
Request Chain 249
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cb3e6053-ad81-4300-9479-fae0050c69bc&gdpr=0&gdpr_consent=
Request Chain 250
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7034786816750057570&gdpr=0&gdpr_consent=
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wk5ZGML6Q8qdP0VCA9w_LQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wk5ZGML6Q8qdP0VCA9w_LQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 253
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 254
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&addseg=31
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUE0RTU5MTgtQzJGQS00M0NBLTlEM0YtNDU0MjAzREMzRjJE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUE0RTU5MTgtQzJGQS00M0NBLTlEM0YtNDU0MjAzREMzRjJE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 256
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D8ff7e4e0-278b-4c07-949a-dcf387dd6bad%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=771952a45c9e44cb9b116ca11254bdb0&ssp=pubmatic&bsw_param=8ff7e4e0-278b-4c07-949a-dcf387dd6bad&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7e4e0-278b-4c07-949a-dcf387dd6bad&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 257
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CM1eVea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRQFurRKrhRSZun44jU5cEZMCrjt73wb-prPWwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWxCcgCX2Uj2yNqgAoDmAsByAsB0AsOuAwB2BMN0BUB4hYCCAGAFwE&num=1&cid=CAASPeRoRaZLO8Osugo3TTVMuXYtbkMDrsgPidmyCowZU-PigsLSiub2p2KVItp1sf375f1oHgcNYtDzvzTShyU&sig=AOD64_3EIxwl5CU8bTomYfinh11S7N52dA&client=ca-pub-2382012522979108&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightysticks8_h_21.dt-youtube.cid-12269775001.csd-050221.-%26l%3Dloot%26cp%3D-.cid-12269775001.agid-120133853689.tgid-.intgeo-.phgeo-1003297.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-496751852377.pt-vymaps.com_pt.ptc-.-&ctype=110&label=video_10s_engaged_view&ad_mt=10176&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26p0%3D869,825,1149,1305%26p1%3D869,825,1149,1305%26tos%3D10246,0,0,0,0%26mtos%3D10246,10246,10246,10246,10246%26amtos%3D0,0,0,0,0%26mtos1%3D5496,0,0%26mcvt%3D10246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2237%26pst%3D425%26dur%3D21060%26vmtime%3D10176%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4750,4750,4750,4750,4750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1616096644110%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10246%26ss0%3D0.07%26ss1%3D0.07&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.07%26t%3D1616096633601 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CPkfIea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRQFurRKrhRSZun44jU5cEZMCrjt73wb-prPWwAT5w6TEvwPgBAHABW6gBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWaCRZodHRwczovL2hlcm8td2Fycy5jb20vsQnIAl9lI9sjaoAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggBgBcB&num=1&cid=CAASPeRoRaZLO8Osugo3TTVMuXYtbkMDrsgPidmyCowZU-PigsLSiub2p2KVItp1sf375f1oHgcNYtDzvzTShyU&client=ca-pub-2382012522979108&ctype=110&label=video_10s_engaged_view&ad_mt=10176&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26p0%3D869,825,1149,1305%26p1%3D869,825,1149,1305%26tos%3D10246,0,0,0,0%26mtos%3D10246,10246,10246,10246,10246%26amtos%3D0,0,0,0,0%26mtos1%3D5496,0,0%26mcvt%3D10246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2237%26pst%3D425%26dur%3D21060%26vmtime%3D10176%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4750,4750,4750,4750,4750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1616096644110%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10246%26ss0%3D0.07%26ss1%3D0.07&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.07%26t%3D1616096633601&dblrd=1&uid=Ci0AZWm_UkHbS4rXq8xo0w2on98xLAP0_csk-JEpA4bYZNubQsK1bSUR_swM1tIQ-drOggYYDw&sig=AOD64_1J6FAGab7NM2vT_RvpDtje-9HPUQ&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightysticks8_h_21.dt-youtube.cid-12269775001.csd-050221.-%26l%3Dloot%26cp%3D-.cid-12269775001.agid-120133853689.tgid-.intgeo-.phgeo-1003297.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-496751852377.pt-vymaps.com_pt.ptc-.-

248 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/ 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.72.210.237 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-148-72-210-237.ip.secureserver.net
Software
Apache /
Resource Hash
1a86a0edff4a9ef945303720bc37980aadd31bde286b4c726fb5be33e490f340
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Host
vymaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com

Response headers

Date
Thu, 18 Mar 2021 19:43:51 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Set-Cookie
PHPSESSID=c3e366bbe080dfe0f58c61a38f1b9b10; path=/
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Origin
*
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-39508141-54
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77c96ab73449d4f738af48ae6fc8c6df49b681f4013f5c112506efef1c811f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39098
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Mar 2021 19:43:52 GMT
92986e6c-8a5a-4ac6-9bf7-c57b71d34e5b.min.js
cmp.optad360.io/items/ 		247 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/92986e6c-8a5a-4ac6-9bf7-c57b71d34e5b.min.js
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4dde88cb60ed88aed07a5fb3ea6bcb3dd22b9dfb335ef84a11e1cf7e41e98e1

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:24:26 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 11:58:40 GMT
server
AmazonS3
age
1167
etag
W/"3fac6ae9f253f0c364d85a26f6e2df0a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
zeS2nOeG8cJrr074c3jgMvHyGzuF-KJQ8S0nC8XFMxC7cm-jONMitA==
plugin.min.js
get.optad360.io/sf/275b7f3a-9183-4674-9018-4fd64bab25ef/ 		328 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/275b7f3a-9183-4674-9018-4fd64bab25ef/plugin.min.js
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:f600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89642fbbf4feeb496871605d6d9c64b0e285ad6edfc3f3fb874ee1e0bfc26734

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:39:11 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 11:13:56 GMT
server
AmazonS3
age
282
etag
W/"b432f92992c62380549669c147e3e830"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
H4aNFckcuN1anWXOd5MEyGPpIHuh21fu5DvqKGPRvPrxpWP0o3qJQg==
skeleton_nov26_critical.css
vymaps.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vymaps.com/css/skeleton_nov26_critical.css
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.72.210.237 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-148-72-210-237.ip.secureserver.net
Software
Apache /
Resource Hash
17a9002ac8a52b211e82e6dad93f710c6a396e2cafc546ec2a61fcc35c82ef50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Mar 2020 14:45:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Connection
close
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2628000, public
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
1719
css
fonts.googleapis.com/ 		5 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,300,600
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b061d883fdd93ccb59569ff3fa3614c36af5e71537ab328440602624e52ffcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 19:36:52 GMT
server
ESF
date
Thu, 18 Mar 2021 19:43:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 19:43:52 GMT
normalize.css
vymaps.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vymaps.com/css/normalize.css
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.72.210.237 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-148-72-210-237.ip.secureserver.net
Software
Apache /
Resource Hash
56c6b95dccc628d32c02b1838e32ffbf2aba49b2012e72829d9566ba0a30d450
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Mar 2020 14:45:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Connection
close
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2628000, public
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
870
/
vymaps.com/jcl-342/j43/2b1569cdb2/BR-19339109/ Frame 140D 		0
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vymaps.com/jcl-342/j43/2b1569cdb2/BR-19339109/
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.72.210.237 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-148-72-210-237.ip.secureserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Host
vymaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=c3e366bbe080dfe0f58c61a38f1b9b10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/

Response headers

Date
Thu, 18 Mar 2021 19:43:52 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Origin
*
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
embed.html
www.openstreetmap.org/export/ Frame 76D2 		445 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.openstreetmap.org/export/embed.html?bbox=-46.687517%2C-23.573159%2C-46.685517%2C-23.575159&layer=mapnik&marker=-23.574159%2C-46.686517
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f1f3fd9aa5d2f2ecb632ad80ec2f1ba327594d36088e6f26a56f811db239db50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
www.openstreetmap.org
:scheme
https
:path
/export/embed.html?bbox=-46.687517%2C-23.573159%2C-46.685517%2C-23.575159&layer=mapnik&marker=-23.574159%2C-46.686517
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
object
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
server
Apache/2.4.41 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
last-modified
Wed, 17 Mar 2021 20:05:54 GMT
etag
"1bd-5bdc102a419e0-gzip"
accept-ranges
bytes
cache-control
max-age=604800
expires
Thu, 25 Mar 2021 19:43:52 GMT
vary
Accept-Encoding
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:26:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
age
263822
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47272
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:26:50 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-39508141-54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6077
date
Thu, 18 Mar 2021 18:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 18 Mar 2021 20:02:35 GMT
embed-3bc695f160cd85c274c263ac12ae2a2fe41eb7d00a33e49d4ffad209dcd1196c.css
www.openstreetmap.org/assets/ Frame 76D2 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.openstreetmap.org/assets/embed-3bc695f160cd85c274c263ac12ae2a2fe41eb7d00a33e49d4ffad209dcd1196c.css
Requested by
Host: www.openstreetmap.org
URL: https://www.openstreetmap.org/export/embed.html?bbox=-46.687517%2C-23.573159%2C-46.685517%2C-23.575159&layer=mapnik&marker=-23.574159%2C-46.686517
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
96a72659a5c7711afb54369e2dcb9e1568bc720022a7dff6cd0d86a99f3fc982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
server
Apache/2.4.41 (Ubuntu)
etag
"a07"
expect-ct
max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
vary
Accept-encoding
content-type
text/css
cache-control
immutable, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2567
expires
Fri, 18 Mar 2022 19:43:52 GMT
embed-f0f32f2f1928d8da7d9c17bb07d0e797d6f74a48da45e8549873a943d50d85aa.js
www.openstreetmap.org/assets/ Frame 76D2 		175 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.openstreetmap.org/assets/embed-f0f32f2f1928d8da7d9c17bb07d0e797d6f74a48da45e8549873a943d50d85aa.js
Requested by
Host: www.openstreetmap.org
URL: https://www.openstreetmap.org/export/embed.html?bbox=-46.687517%2C-23.573159%2C-46.685517%2C-23.575159&layer=mapnik&marker=-23.574159%2C-46.686517
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6be976f68ea8f7910100178760a6be09f7a85a35bec4ceb610569007b288e989
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
server
Apache/2.4.41 (Ubuntu)
etag
"be35"
expect-ct
max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
vary
Accept-encoding
content-type
text/javascript
cache-control
immutable, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
48693
expires
Fri, 18 Mar 2022 19:43:52 GMT
collect
www.google-analytics.com/j/ 		2 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=118568431&t=pageview&_s=1&dl=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&ul=en-us&de=UTF-8&dt=Paran%C3%A1%20Banco%20S.A.%20-%20Jardim%20Paulistano%2C%20S%C3%A3o%20Paulo%20(%2B551130628865)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1583833542&gjid=546557428&cid=1154705324.1616096632&tid=UA-39508141-54&_gid=880302521.1616096632&_r=1&gtm=2ou3a0&z=1133284430
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
37185.png
tile.openstreetmap.org/16/24268/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24268/37185.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480591,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37185.png
tile.openstreetmap.org/16/24269/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24269/37185.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480623,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37186.png
tile.openstreetmap.org/16/24268/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24268/37186.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480617,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37186.png
tile.openstreetmap.org/16/24269/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24269/37186.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480890,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37185.png
tile.openstreetmap.org/16/24267/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24267/37185.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480635,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37185.png
tile.openstreetmap.org/16/24270/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24270/37185.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480886,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37186.png
tile.openstreetmap.org/16/24267/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24267/37186.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480575,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
37186.png
tile.openstreetmap.org/16/24270/ Frame 76D2 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tile.openstreetmap.org/16/24270/37186.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096632.480552,VS0,VE0
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
14
retry-after
0
x-served-by
cache-hhn4074-HHN
marker-icon-3d253116ec4ba0e1f22a01cdf1ff7f120fa4d89a6cd0933d68f12951d19809b4.png
www.openstreetmap.org/assets/leaflet/dist/images/ Frame 76D2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.openstreetmap.org/assets/leaflet/dist/images/marker-icon-3d253116ec4ba0e1f22a01cdf1ff7f120fa4d89a6cd0933d68f12951d19809b4.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"5ba"
expect-ct
max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
1466
expires
Fri, 18 Mar 2022 19:43:52 GMT
marker-shadow-a2d94406ba198f61f68a71ed8f9f9c701122c0c33b775d990edceae4aece567f.png
www.openstreetmap.org/assets/leaflet/dist/images/ Frame 76D2 		618 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.openstreetmap.org/assets/leaflet/dist/images/marker-shadow-a2d94406ba198f61f68a71ed8f9f9c701122c0c33b775d990edceae4aece567f.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"26a"
expect-ct
max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
618
expires
Fri, 18 Mar 2022 19:43:52 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-39508141-54&cid=1154705324.1616096632&jid=1583833542&gjid=546557428&_gid=880302521.1616096632&_u=IEBAAUAAAAAAAC~&z=16016892
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Mar 2021 19:43:52 GMT
content-type
text/plain
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
stat.optad360.mgr.consensu.org/ 		20 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.optad360.mgr.consensu.org/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/275b7f3a-9183-4674-9018-4fd64bab25ef/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1df95b226ba28a770a8d3aae9105878511a0b8eb6cdc9a4d15d4d89d26ffda0b

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 18 Mar 2021 19:43:52 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/275b7f3a-9183-4674-9018-4fd64bab25ef/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
0551c68481c29ba9c5daec9c488f380352b81235602f6dcc0b33ff2f0c29c0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"816 / 367 of 1000 / last-modified: 1616091821"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19850
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:52 GMT
prebid4.19.0.js
get.optad360.io/sf/ 		410 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.19.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/275b7f3a-9183-4674-9018-4fd64bab25ef/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:f600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 23:57:32 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 09:52:06 GMT
server
AmazonS3
age
589581
etag
W/"08b0612ac0c68ebf519b28323f4e2aa2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-nQJ2gtyb5rd7LJfj1Np0hgkwBCm4DLpHArFhQ6UitfHEq9RxVOY4A==
optad360.js
serving.stat-rock.com/player/ 		302 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/275b7f3a-9183-4674-9018-4fd64bab25ef/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
4ca8ee087d2ab929975531c89f721db12ccf2de9f3184174ae9cc80e046c026d

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 13:49:28 GMT
server
nginx
etag
W/"603e4268-4b67b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		1 KB
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210318
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
334263ebd77a6466a27c622d0463d832649879f48eb70221e7db0650c430e1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
31265
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
767
etag
W/"53f-3g+qkvrx39vV/xG6Te0bpbbMCMs"
x-served-by
cache-fra19146-FRA, cache-hhn4024-HHN
date
Thu, 18 Mar 2021 19:43:52 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
adx.adform.net/adx/ 		10 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc4ODE2MCZ0cmFuc2FjdGlvbklkPTZjZDEyMjcxLWM1NzgtNDkwYi1iYThjLWQwMjdiYzk2NmMwMiZyY3VyPVBMTg%3D%3D&bWlkPTc4ODE2MCZ0cmFuc2FjdGlvbklkPWU2MzYxN2U5LTBkNmQtNGJkNi1iMWE0LThmNmI3MWVhYmY3MCZyY3VyPVBMTg%3D%3D&pt=gross&stid=18aac84e-671a-44d7-8b6f-0aa8eb1619ca&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
mvo
tag.1rx.io/rmp/216032/0/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216032/0/mvo?z=1r&hbv=4.19,2.1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://vymaps.com
Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:52 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://vymaps.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
prebid
ib.adnxs.com/ut/v3/ 		250 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d548d1205700925bbe9816591f74ff101f4e590fdc098d67c4256c8a16e2c70a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:52 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
ec915e2e-aec6-4361-b99f-b7f37972e163
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vymaps.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0&cb=42999117323
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:51 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		248 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d384f44a80c581a8bc4eaa797e89471744206743c9ba9cd1c889020fa71a085d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:52 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid
067206c3-3e49-4bc7-abfb-4a75a30ecfb8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vymaps.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
248
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/216032/0/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216032/0/mvo?z=1r&hbv=4.19,2.1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://vymaps.com
Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:52 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
cdb
bidder.criteo.com/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0&cb=19784776396
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:51 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ 		10 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc4ODE2MCZ0cmFuc2FjdGlvbklkPTA5YWVlODFlLWY0ZDAtNDk1NS1hNDc1LTIzNmNjNWVlMThkOCZyY3VyPVBMTg%3D%3D&bWlkPTc4ODE2MCZ0cmFuc2FjdGlvbklkPWNkNWQ1MDUzLWFmMDktNDAyMy04OGQ2LWUxZWM3ZjBlOTI1MyZyY3VyPVBMTg%3D%3D&pt=gross&stid=ae0cf518-0412-40a2-ae02-c99fdec1b34d&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://vymaps.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0&cb=9480979774
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vymaps.com
date
Thu, 18 Mar 2021 19:43:52 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
mvo
tag.1rx.io/rmp/216032/0/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216032/0/mvo?z=1r&hbv=4.19,2.1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://vymaps.com
Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:52 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
/
adx.adform.net/adx/ 		10 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc4ODE2MCZ0cmFuc2FjdGlvbklkPTZmOWMxZDczLWNhODUtNGY3OC04YjZhLWVhZjExZDUyMGY4MyZyY3VyPVBMTg%3D%3D&bWlkPTc4ODE2MCZ0cmFuc2FjdGlvbklkPWE4MGIyNTZmLTk2MmItNDI0Ni04NTllLTUzNWYzNzM3MTc1ZSZyY3VyPVBMTg%3D%3D&pt=gross&stid=ce3bdbdc-cd71-41aa-8325-7c58242416fe&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		250 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
324304300b8ff46b6520090aed400c5044f17673cdd930d9431dccc32c19ef34
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:52 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.138:80
AN-X-Request-Uuid
76d63ccf-92d0-4dd0-89fc-d3bbee26ce8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vymaps.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://vymaps.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
pubads_impl_2021031501.js
securepubads.g.doubleclick.net/gpt/ 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
7da22511eaa997140ea43f7c0e5f732df19e1910c5cf8bdfc3e3b2782cd7b782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 08:44:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102037
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:52 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=vymaps.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vymaps.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		257 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3739828141085810&correlator=1017845170982179&output=ldjh&impl=fif&eid=21068530%2C31060313%2C21068030%2C31060367%2C31060506%2C44739387&vrg=2021031501&ptt=17&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=121764058%2Cvymaps.com%2Cvymaps.com_Multiplex&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1616096632&dt=1616096632748&dlt=1616096632125&idt=603&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=1387&adks=1531579298&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&ga_vid=1154705324.1616096632&ga_sid=1616096633&ga_hid=118568431&ga_fc=false&fws=128&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7172296fa04b1488df5301a51e10cf3ce973bf51ce7946f2616b557e7ade8fb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32060
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3739828141085810&correlator=1017845170982179&output=ldjh&impl=fif&eid=21068530%2C31060313%2C21068030%2C31060367%2C31060506%2C44739387&vrg=2021031501&ptt=17&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=121764058%2Cvymaps.com%2Cvymaps.com_adi_S2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C750x100%7C750x200%7C750x300%7C970x200%7C970x250%7C970x300&cookie_enabled=1&bc=31&abxe=1&lmt=1616096632&dt=1616096632762&dlt=1616096632125&idt=603&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1326&adks=145136379&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x90&ga_vid=1154705324.1616096632&ga_sid=1616096633&ga_hid=118568431&ga_fc=false&fws=128&ohw=0&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e62520b5dfa269873d8a80d515353b5b874e30330e51025a17209cadbdaf9c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11919
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vymaps.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		447 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3739828141085810&correlator=1017845170982179&output=ldjh&impl=fif&eid=21068530%2C31060313%2C21068030%2C31060367%2C31060506%2C44739387&vrg=2021031501&ptt=17&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=121764058%2Cvymaps.com_SF2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1616096632&dt=1616096632776&dlt=1616096632125&idt=603&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=2058165071&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=1154705324.1616096632&ga_sid=1616096633&ga_hid=118568431&ga_fc=false&fws=640&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
84b45efa47684164dffe494b30409dc7b6c805efa89eea530ced8900797ffe58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		107 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3739828141085810&correlator=1017845170982179&output=ldjh&impl=fif&eid=21068530%2C31060313%2C21068030%2C31060367%2C31060506%2C44739387&vrg=2021031501&ptt=17&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=121764058%2Cvymaps.com%2Cvymaps.com_adi_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C360x300&cookie_enabled=1&bc=31&abxe=1&lmt=1616096632&dt=1616096632783&dlt=1616096632125&idt=603&frm=20&biw=1600&bih=1200&oid=3&adxs=390&adys=854&adks=3182777670&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x250&ga_vid=1154705324.1616096632&ga_sid=1616096633&ga_hid=118568431&ga_fc=false&fws=128&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3eef03a0d3e4806139fe69a24d8c8017d666bc7ffae9b2b8b6566268adbe9d8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18593
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vymaps.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		330 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116759
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:52 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=130&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3B&r=0.9423872034497216
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
bridge3.447.1_en.html
imasdk.googleapis.com/js/core/ Frame BF0F 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.447.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192496
date
Sun, 14 Mar 2021 13:29:38 GMT
expires
Mon, 14 Mar 2022 13:29:38 GMT
last-modified
Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
368054
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:52 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=220&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.16845631683974727
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
integrator.js
adservice.google.ch/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=vymaps.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vymaps.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=235&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.6997683531958294
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7CD3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
986
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 18 Mar 2021 20:27:26 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BF0F 		68 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F121764058%2Fvymaps.com_video_intext_AdPlayer&url=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&description_url=https%3A%2F%2Fvymaps.com%2F&tfcd=0&npa=0&sz=300x250%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&nofb=1&vpa=auto&osd=2&frm=0&vis=1&sdr=1&is_amp=0&sdkv=h.3.447.1&hl=en&afvsz=200x200%2C450x50&u_so=l&ctv=0&sdki=44d&adk=1380289063&sdk_apis=2%2C8&sid=72450AEC-C711-4361-8010-43A300DFE93E&eid=44729226&dt=1616096633088&cookie_enabled=1&correlator=1206386531100222&scor=3615663071872462&ged=ve4_td1_tt0_pd1_la1000_er869.825.1022.1125_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7c7c5d803f05b77dc31c4184e5fcf8b206806a1a99ab7569f64d6867e2bf6134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14056
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 74D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 18 Mar 2021 19:43:52 GMT
expires
Fri, 18 Mar 2022 19:43:52 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83009062173e38bd4d51ca32a45b229a36ff7e08d5f537f7258ae4e4cff5dffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6552
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:53 GMT
86645057ba4817bae9835c203c8960c4.js
www.gstatic.com/mysidia/ Frame 74D8 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/86645057ba4817bae9835c203c8960c4.js?tag=client_fast_engine_2019
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 11:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 03:37:36 GMT
server
sffe
age
30123
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2784
x-xss-protection
0
expires
Wed, 16 Jun 2021 11:21:50 GMT
2dbca8cb297416d34da77e803ffe365c.js
www.gstatic.com/mysidia/ Frame 74D8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2dbca8cb297416d34da77e803ffe365c.js?tag=core/maui_alpha_v3
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0a069cfa2640a6aa77d8cef1f436cdae102ba2ada68a29f1b9c3223c804dbbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 11:08:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 03:13:35 GMT
server
sffe
age
30932
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2290
x-xss-protection
0
expires
Wed, 16 Jun 2021 11:08:21 GMT
css
fonts.googleapis.com/ Frame 74D8 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 19:07:41 GMT
server
ESF
date
Thu, 18 Mar 2021 19:43:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 19:43:53 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 74D8 		2 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
891
x-xss-protection
0
server
cafe
etag
8551179781376740118
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:40:59 GMT
1f199a2bb232146b8a1b2d122d2e271a.js
www.gstatic.com/mysidia/ Frame 74D8 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1f199a2bb232146b8a1b2d122d2e271a.js?tag=exit_2019
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef543d178ff58f0265fd09ec0eae0616d0e7d526e4263bb5faf166e5bba4fb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 03:37:36 GMT
server
sffe
age
30121
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7790
x-xss-protection
0
expires
Wed, 16 Jun 2021 11:21:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 74D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
15132876316592709121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:39:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 74D8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:41:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74D8 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 74D8 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:43:02 GMT
l
www.google.com/ads/measurement/ Frame 74D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkzfBn_crLaeWIxLiZHm9OKUQC-TapcPBfqdeEjgedkEWKNCO9tIkEN0MyE3oWqM4iQnll
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/18301580687081277311/ Frame 74D8 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18301580687081277311/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f27de7fccfd62b872b9aa0b61085ecf5b07fe8841b4c7eb4243406d7158fe6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 12:54:02 GMT
x-content-type-options
nosniff
age
110991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16838
x-xss-protection
0
last-modified
Tue, 27 Oct 2020 12:24:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 12:54:02 GMT
container.html
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 74D8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2973
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/html
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Mar 2022 19:43:52 GMT
truncated
/ Frame 74D8 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0951a64df50b284305037a7d7603ad6dc669654d79740455feb3c7d37dd3b05

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/8283669012514977447/ Frame 74D8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8283669012514977447/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
222b380d438f6508ba0a3d4bdb1bc659b83fb162ba2754985b9407d8f10812c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 19:35:15 GMT
x-content-type-options
nosniff
age
432518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15335
x-xss-protection
0
last-modified
Wed, 05 Aug 2020 16:10:55 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 19:35:15 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1770827894509302768/ Frame 74D8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1770827894509302768/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4351e7c75c168f06ebad7d5e80be6197991771f0888476daff4bdf6dbe504151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 18:08:43 GMT
x-content-type-options
nosniff
age
178510
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17246
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:57:17 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:08:43 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16493305593707511028/ Frame 74D8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16493305593707511028/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2fc52067ea3825be6de3639082f0909c1e19a5568a4bea8d7501c0c79622ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:38:55 GMT
x-content-type-options
nosniff
age
75898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15219
x-xss-protection
0
last-modified
Fri, 26 Apr 2019 08:32:42 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 22:38:55 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16789124375836857341/ Frame 74D8 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16789124375836857341/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8a8dafea85147b7a14a0fe4f8292c63b605d93c1cad2d02e1d92ad3599d189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 18:58:39 GMT
x-content-type-options
nosniff
age
434714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22717
x-xss-protection
0
last-modified
Mon, 02 Sep 2019 14:36:27 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 18:58:39 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3584797382411702240/ Frame 74D8 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3584797382411702240/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a16b1047e87c9487d366e371712da2f654c3b09f5fc5b2e43817b92ec88ba7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 10:33:28 GMT
x-content-type-options
nosniff
age
33025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20770
x-xss-protection
0
last-modified
Mon, 29 Apr 2019 12:13:57 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Mar 2022 10:33:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7736036349102863089/ Frame 74D8 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7736036349102863089/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b99dc37e5c848d50b7a4b3565d3ca152589cc7da67c02c3d05b60237e83c7b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 06:35:43 GMT
x-content-type-options
nosniff
age
565690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18175
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 09:43:05 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 06:35:43 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2999182660240600186/ Frame 74D8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2999182660240600186/downsize_200k_v1?w=400&h=209
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
667f630979c24c0380420f9bb950167914b71e0b4007fbb9c71c4e4b8f5e9f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 00:15:22 GMT
x-content-type-options
nosniff
age
588511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9901
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 16:37:02 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 00:15:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C97LxeK1TYPOKMdXz3wPPtahAn_C07GHC8oyEpgyWgs2FiBYQASCqgMMiKAhg9ZXOgeAEoAGI0NS5A8gBBqkCsZ4Lu_ITsj7gAgCoAwHIA5sEqgT-AU_QfYPdOBvExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnuTtn1EyTmoh_yfi8mNvAGtmFwXJM93ZjuHAuYp1K1TR0ARmRnIk_lsvuACOKEeELTJtPqHFp0h5kBVkaLzOgtYXnGLUHMBBd5ksL3WU8zrvcK2orNkDPMEHevf59mgKFVkh_-epdZe02qjXmac0fACiQScX8XCFzAYUCT0gXJjji7E43t4y2FlqS4Bxg50p1wASih6uwiQPgBAGSBQQIBBgBkgUECAUYBKAGN4AH4K-rRqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD9sgvSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHCEwYYiNDUuQPYEw2IFA3QFQGAFwGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=zz0bgphGJW8&template_id=492&tpd=AGWhJmvYM47saqPgnRbKUCfmz94XIa5_N0_df2NlfyYIf5GZ-A
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoP1AeK1TYPOKMdXz3wPPtahA8YjW_l7v2Nqy2wvb2R4QAiCqgMMiKAhg9ZXOgeAEoAHfnofOA8gBBqkCsZ4Lu_ITsj7gAgCoAwHIA5sEqgT_AU_QYfbfOBjExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnuTtn1EyTmohgyfjg3roA8TGN8nhN8HFmuHAgajzZWr7qmpYbcmKrLA4Fj61g-hvwpnDDI4Cf0V4kQejsrLOgtXAREz2HNOGr5U8N35DKjfvcK5_dN2LvMLQovv59mPVzVUh_-R-rZ-w2qv0qbB7IBzqAqSMyCj3m_kAQpgSjg6jn6-Iks9NNDIjny36O0LmkF8AEhZ7hyvgC4AQBiAWr1rTdA5IFCggDEAIYAToCCAWSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHieH4MagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD9sgvSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHCEwYY356HzgPYEw2IFAfQFQGAFwGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=ZHoxghHwjHw&template_id=492&tpd=AGWhJmvtDc40u0Zn0bbvVh7KSLNwt2Whp_zVYUT9MIg2MxywHA
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbahVeK1TYPOKMdXz3wPPtahAq5rB8GH3gKK2nA2Wgs2FiBYQAyCqgMMiKAhg9ZXOgeAEoAHunYLZA8gBBqkCsZ4Lu_ITsj7gAgCoAwHIA5sEqgT_AU_QEMHoOB_ExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnuTtn1EyTmoh_yfi07bwa6DGN8nhN8HFmuHAgajzZWr7qmpYbcmKrLA4Fj61g-hvwpnDDI4Cf0V4kQejsrLOgtXAREz2HNOGr5U8N35DKjfvcK5_dN2LvMLQovv59mPVzVUh_-R-rZ-w2qv0qbB7IBzqAqSMyCUzx60AQW6vwg6jn6-Jk4JZnB4ip6V6k3rmkF8AE19Gn5rgD4AQBkgUECAQYAZIFBAgFGASgBjeAB_rh_SaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ_bIL0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi04Mzk0OTIzMDEwOTc4OTQ1gAoDyAsBwhMGGO6dgtkD2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTU1MTIzOTA3MDUxMzc1MDc&sigh=7X6J9Sa4grI&template_id=492&tpd=AGWhJmuZmI9ui0Aqs2rCuzAqepOvdHOLZFwh_E9aEXPz_wAs0Q
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLNV8eK1TYPOKMdXz3wPPtahA0bmgvWDm4LeIjQrb2R4QBCCqgMMiKAhg9ZXOgeAEoAGDvtTuA8gBBqkCH4hqndqtQz7gAgCoAwHIA5sEqgT9AU_QJuQpKgL7_VBnXJ5FzpyLcMC_v6IdMCYc_EvmLAdwfouSt5rE_M5clgmUhVGkrH62C-6bkO4p2pwuRcC37NEtybBar2JMgoLT_Nm2hwXXdov44HWKC0K6L6UvuI8I6IxojFA-juG0FcBskWG7brpkVY6QX0Jn9nH7_Blf8tG2y3NL8HNjuH4mww7FX6rvjpN_dx2FUyBhjslh6xrhpxfEWYdqkl4gtK-ZrzOgQHPskDUDweZe4k0JKJN_jrvc3pwqFGDPxbfdvf5_bfSGVkh_DBxfZO02YvnjuhoYEjhwrw7bFsL4xI0YkP2ytj3lfTYHtm6sg26yrN5ZRJvABIHtrLAb4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB-XBqxGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ_bIL0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi04Mzk0OTIzMDEwOTc4OTQ1gAoDyAsBwhMGGIO-1O4D2BMNiBQF0BUBgBcBshcaChgIABIUcHViLTU1MTIzOTA3MDUxMzc1MDc&sigh=Hoj_gQNIx5s&template_id=492&tpd=AGWhJmu8lB_MpW6uzpq9Z9TML2T-f2GLQYlwEHUItRsoNzxjrg
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ctcy7eK1TYPOKMdXz3wPPtahA7vLfqWHu5uadiQqWgs2FiBYQBSCqgMMiKAhg9ZXOgeAEoAGK1tPKA8gBBqkCs5V9nB4DtD7gAgCoAwHIA5sEqgSEAk_QA8nZOBzExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnuTtn1EyTmoh_yfiiycHzGtmFwXJM93ZjuHAuYp1K1TR0ARmRnIk_lsvuACOKEeELTJtPqHFp0h5kBVkaLzOgtYXnGLUHMBBd5ksL3WU8zrvcK2orNkDPMEHevf59mgKFVkh_-epdZe02qjXmac0fACiQScXKZ0UDAYUYkL1oJjj47FBb6eu2FkOx0Eluz3igzIqJ9x-0wATb3N34owLgBAGIBdeRnJAYkgUKCAMQARgBOgIIBZIFBAgEGAGSBQQIBRgEoAY3gAfeqaw1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEP2yC9IICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tODM5NDkyMzAxMDk3ODk0NYAKA8gLAcITBhiK1tPKA9gTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3&sigh=89-WNI5TzKA&template_id=492&tpd=AGWhJmsUuXYyvlguYdYQMsE5GLQuweLKf1EH6Rvz8hhtf9wy-g
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzB2QeK1TYPOKMdXz3wPPtahA-6Pa5VuZuuLFpwmWgs2FiBYQBiCqgMMiKAhg9ZXOgeAEoAGxn5LEA8gBBqkCs5V9nB4DtD7gAgCoAwHIA5sEqgSGAk_QCd3WOBnExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnuTtn1EyT-ojVzfH8Sht98mROVxyUwE5tvHUiYTp-bgvdkpYbchKrNyUFj7ZP-huFpnDDVYaC0dFgtK8Z7zPkQHNkEDUHweZWZk8NKJM_irnc3pxoNGDPxbffnf59bfSGVkh9DBxeZO02X_7jaB8agjyRYcc1AdU33I34ljrWaAgg7OrkXDY-FI969zTDEYt_gr81XayWZerABLqTzOmBAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAe34O07qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEP2yC9IICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tODM5NDkyMzAxMDk3ODk0NYAKA8gLAcITBhixn5LEA9gTDIgUB9AVAYAXAbIXGgoYCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3&sigh=lxdxip1etwI&template_id=492&tpd=AGWhJmvtWZTkrgbaFq9JS-YFIAwwPoIHSDBT0AY_UTcZ_qLGYw
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSxsTeK1TYPOKMdXz3wPPtahAh9eNomHV2-y4-Qz8wbWrrgEQByCqgMMiKAhg9ZXOgeAEoAGZra_YA8gBBqkCs5V9nB4DtD7gAgCoAwHIA5sEqgT8AU_QNprPOB7ExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnwThnlEyUkoj17FaUUOu3-uK8ynRM9XNjtnaHUIFPwTFgBH2U46dAuK_vZCKbEPAKK5w1r4Qq0hqRQiwZrzNVtnhkEDHyN-Va5E_83tA_jrspKJ0INGA6M7TdvfyIm_eGVkiK-h5eZO3-rvwwbR0KAtiWJ0zz9R09zI0Y0CciszocSnR6RX4YjyLYaufcxcAExv-t7JgD4AQBiAWCmcz1J5IFCggDEAEYAToCCAWSBQQIBBgBkgUECAUYBKAGN4AHhvLdJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD9sgvSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHCEwYYma2v2APYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=1U2N5JjZXIQ&template_id=492&tpd=AGWhJmvzlPZT8GgjosQQ4b4DCGtIU-JL4rl6-RaMv_G3kTEi0w
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce9OreK1TYPOKMdXz3wPPtahAzouvwmDokonHmg2i8OTVgh8QCCCqgMMiKAhg9ZXOgeAEoAHpufHHAsgBBqkCs5V9nB4DtD7gAgCoAwHIA5sEqgSGAk_QaeLZOBLExeLUV-JK2pCac53ys6DKiy8l_UvmZEtye2JJ_LjY_Mpf3xyU3F6woG-1VqOXkqxEyuFRdNOk495hppNVom4O_PyfsL6dlBPacsuF0WGTDli9Oqou-pMI6otkhVcxheW3Gcxgn2WnuTtn1EyTmohgyfiXg9Qo8jGN8nhN8HFmuHAgajzZWr7qmpYbcmKrLA4Fj61g-hvwpnDDI4Cf0V4kQejsrLOgtXAREz2HNOGr5U8N35DKjfvcK5_dN2LvMLQovv59mPVzVUh_-R-rZ-w2qv0qbB7IBzqAqSMyWCGFdIzVmFGtLQ137v_s15V3qZV62GytK4F_vsgvOaKWZerABN_rxZWpA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAf_xY64AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD9sgvSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHCEwYY6bnxxwLYEw2IFATQFQGAFwGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=lJEfPAfV2SQ&template_id=492&tpd=AGWhJmuHoCVRMOsT46KzPh3LDTYckDeDyeUro3929Ezkzb39Xw
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 74D8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dc1e23e30b5dfc5c8cdfd0d9699dfe5383e0c7d2a2fe29beb3d473ca45927f4

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 74D8 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
263774
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:27:39 GMT
csi
csi.gstatic.com/ Frame BF0F 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kmfa7isc&c=3673274459425&slotId=1836637229712.5&qqid=CL3U9o3Nuu8CFf7juwgduW8G0Q&gqid=ea1TYPj6BtGQ7_UP17CW2Ac&fb=ima-html5&sdkv=h.3.447.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44729226&met.4=ghmsh_s.kmfa7j30~ghmsh_s.kmfa7j31&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=rXp-5YgnZysnzII7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4002:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CM1eVea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRQFurRKrhRSZun44jU5cEZMCrjt73wb-prPWwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWxCcgCX2Uj2yNqgAoDmAsByAsB0AsOuAwB2BMN0BUB4hYCCAGAFwE&sigh=a1dvqyatKmI&label=show_ad&acvw=&sdkv=h.3.447.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUh0QDyUAALBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame BF0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CNU7Cea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-tsWqAgB0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi04Mzk0OTIzMDEwOTc4OTQ1gAoDyAsBwhMGGJyv-6gC2BMN0BUB4hYCCAGAFwGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=ij323On3Wd8&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&vt=10&sdkv=h.3.447.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUh0QDyUAALBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hqdefault.jpg
i.ytimg.com/vi/i53AjFqkSic/ Frame BF0F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/i53AjFqkSic/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bbaf85ccece0099002a190bb3790357b82142b6fe0506c1e222cee8984e6ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:42 GMT
x-content-type-options
nosniff
server
sffe
age
11
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7935
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:43:42 GMT
truncated
/ Frame BF0F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 797B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 18 Mar 2021 15:12:08 GMT
expires
Fri, 18 Mar 2022 15:12:08 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16305
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=LOADED&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=899&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.31322658417993865
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
csi
csi.gstatic.com/ 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kmfa7inv&c=3673274459425&slotId=1836637229712.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4002:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF0F 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.447.1&e=44729226&id=ima_html5&c=2002325534646289&domain=vymaps.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 19:43:53 GMT
videoplayback
r2---sn-4g5ednek.googlevideo.com/
Redirect Chain
  • https://r2---sn-1gieen7e.googlevideo.com/videoplayback?expire=1616125433&ei=ea1TYMzaFM_K1gKp1afwCw&ip=185.156.175.187&id=8b9dc08c5aa44a27&itag=22&source=youtube&requiressl=yes&mh=sn&mm=31&mn=sn-1gi...
  • https://r2---sn-4g5ednek.googlevideo.com/videoplayback?expire=1616125433&ei=ea1TYMzaFM_K1gKp1afwCw&ip=185.156.175.187&id=8b9dc08c5aa44a27&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&cti...
719 KB
720 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednek.googlevideo.com/videoplayback?expire=1616125433&ei=ea1TYMzaFM_K1gKp1afwCw&ip=185.156.175.187&id=8b9dc08c5aa44a27&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.130&lmt=1612700569107278&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP0Whv74tjGG3TfgEbfnGrTzVTH15u2gVTYeua2kM3cjAiEA9EqOuKOau54AGrY6GvqE9O24y4eD_3Nv7AgwfZE1o-c=&cpn=rXp-5YgnZysnzII7&redirect_counter=1&rm=sn-1gies7l&req_id=b43f603a584436e2&cms_redirect=yes&ipbypass=yes&mh=sn&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednek&ms=au&mt=1616096460&mv=m&mvi=2&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgN3nEBkSTAm61lEqUzsjMsqazGXxC6EaoQvRGfPcG5ZkCIEvmCa9-fM9WbRVWXs4PaV74lmSTYvXy0zYHy_2A4S3r
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:53::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9005b1572402e9923bb99215d054f12e24a60b61293c00dd8337a1d19534d454
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Feb 2021 12:22:49 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-736291/736292
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
736292
Expires
Thu, 18 Mar 2021 19:43:53 GMT

Redirect headers

Date
Thu, 18 Mar 2021 19:43:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r2---sn-4g5ednek.googlevideo.com/videoplayback?expire=1616125433&ei=ea1TYMzaFM_K1gKp1afwCw&ip=185.156.175.187&id=8b9dc08c5aa44a27&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.130&lmt=1612700569107278&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP0Whv74tjGG3TfgEbfnGrTzVTH15u2gVTYeua2kM3cjAiEA9EqOuKOau54AGrY6GvqE9O24y4eD_3Nv7AgwfZE1o-c=&cpn=rXp-5YgnZysnzII7&redirect_counter=1&rm=sn-1gies7l&req_id=b43f603a584436e2&cms_redirect=yes&ipbypass=yes&mh=sn&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednek&ms=au&mt=1616096460&mv=m&mvi=2&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgN3nEBkSTAm61lEqUzsjMsqazGXxC6EaoQvRGfPcG5ZkCIEvmCa9-fM9WbRVWXs4PaV74lmSTYvXy0zYHy_2A4S3r
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Thu, 18 Mar 2021 19:43:53 GMT
q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
pagead2.googlesyndication.com/bg/ Frame 797B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 06:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
47531
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5697
x-xss-protection
0
expires
Fri, 18 Mar 2022 06:31:42 GMT
syncframe
gum.criteo.com/ Frame EAC9 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=vymaps.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=vymaps.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1527
date
Thu, 18 Mar 2021 19:43:53 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 19:43:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031501&jk=3739828141085810&bg=!g4ClgMTNAAbUo7L91KM7ACkAdvg8WtIRVtIYEMNT2m2hQ9vjesTrZ4YV9K19KcTL95CRBVBs6w1PpAIAAABtUgAAAAtoAQcKAX5gAIRF5ypNovH02CIjOhfu1u26BSbK8lSk9NOU4Vg2r4NPZ4aXZxl1GfZpDckUrfaDFX6M2osp1itzwHb-URykNVnBUzct-yy2XGI2Jg6xNJErO2ql20nJXyjCNnrEhsKZFURzGcEs2jVeZJoUXNXf8YadK7fMXW4n5iw8tM-GgEJoGHu7LBD1VQzAlByZMgzMZtAnhTh3L2vG4cUzyll4nbqUlqrg2vvUm18DBw4wsqb226P1oI153BAE3zCW-d8ZlrBO5Duqb3XZFKUvpSU6bhRGOzJF07mmH9ZADtP9qEcTEe38HnHWfjL1R_2Y1yI7T_5FIaSkn3AG9-vScnaryJX8DS71yGkucam-onAMgKgWKsIvJ0pOENsqQhjfzx6zrkhtW09tY-l2I5yBqtoxB37knnESRNyBSrJmPgaeRL80PZXkYqcyoGeWUtKuUYdVob_NvJAhQMXYON1F8YAyYbA5qbBg31uEAn_f5vA1TVWeD_l7ygiLV7XI2_DjmQHEJb3H0OhvzU1X3y-tr2qNE_uKaoJliG6fmKXOk78JaZMpoTzjnmBCf4ys-vqr3EuNx-YDOneFZwhQPfs2AUNlwsHxoAbs-si_vJjT8k4yPaBtyfwKtYFt-m70PN4s_RtSytTvwkZ6wyXHUlvkAocMFmhN6ArDDAK2DB_Ir3fg0fgFiQ7yvihhlZXOcjqiou7UQdrRxVyV0aleKhpoWOqVy8cX4qWG2Zad0mzLb4rcEPqOHsAFQYLfBMB7gYrulA4FL78gOfh2ZGIpuy8BO-hhvypPFUHXYq8g6_Slf3TTMEi8bomNZzUfycN0Gt3Ivu-LuP1Z61DUv2vgjps9kL_4uysUQJ50CU5pZj5Wjnn10pjK7NW-r351VgUTCRQ426XMOjuPJVCC0wtXM32a9QefmrMhQ92BuMIjNyHJNeo6gM_ygslj-LrN6azKIF8S8ZeQ22QodhwtHnYl4JOqa8dlNGOEZFg7GF_nYaXMylBlhQc2nIFQEgwEZUOR7QtBOlunJ4M3uXat1iLbjE8E_vg9Lb44tvlimHiGUkcLgP6GMGmCfWdBRb2_uK0XbVuuTDSR_VrLnFS8iSZfeLyrYc-h2tz15Tg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CM1eVea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRQFurRKrhRSZun44jU5cEZMCrjt73wb-prPWwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWxCcgCX2Uj2yNqgAoDmAsByAsB0AsOuAwB2BMN0BUB4hYCCAGAFwE&sigh=a1dvqyatKmI&label=video_ad_loaded&acvw=&sdkv=h.3.447.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUh0QDyUAANhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame BF0F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Mar 2022 19:41:25 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame BF0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CNU7Cea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-tsWqAgB0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi04Mzk0OTIzMDEwOTc4OTQ1gAoDyAsBwhMGGJyv-6gC2BMN0BUB4hYCCAGAFwGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=ij323On3Wd8&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&tpd=AGWhJmtrnKmdX3yjGsGm7pPSoS7vaLj6WcLw67jmp7oulQuKTA&sdkv=h.3.447.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGjRyea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=WPvjfyKDRDA&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D21060%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1616096633871%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.07%26t%3D1616096633601&sdkv=h.3.447.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUiAQDyUAANhBKAE6B3Vua25vd25CB3Vua25vd25IygJQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BF0F 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttR8FmCxV9tzcUlzEA64_fFjK8uzaGz7NDa1khhoXenxgU8eUoOuYw_KJ6FxRlP_VhoonrnmzXcMgqwmE-uHapEhs8hOoxUhGrzr91DqbLTbU4yWrz52wQLSGM6w&sai=AMfl-YQeDXpis1DEAv6sFWiCMCiSFHbBNhkXJ62OI8UG9s5sU9LncYY1DYr9CBKeCcChtumHAm1SHsi1yeMwGg09pg0za04o0hTlrK6meIIH7Z2bLJrGt32a6KVHD5QLRCKT&sig=Cg0ArKJSzDf6vyiMO4X7EAE&cid=CAASPeRoRaZLO8Osugo3TTVMuXYtbkMDrsgPidmyCowZU-PigsLSiub2p2KVItp1sf375f1oHgcNYtDzvzTShyU&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D21060%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1616096633873%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1616096633601&avm=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGjRyea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=WPvjfyKDRDA&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D21060%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1616096633876%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1616096633601&sdkv=h.3.447.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUiAQDyUAANhBKAE6B3Vua25vd25CB3Vua25vd25IygJQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF0F 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.447.1&e=44729226&id=ima_html5&c=2002325534646289&domain=vymaps.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGjRyea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=WPvjfyKDRDA&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=admute&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amtos%3D0,0,0,0,0%26mcvt%3D23%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D23%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D23%26pst%3D-1%26dur%3D21060%26vmtime%3D-1%26dvs%3D23%26dfvs%3D23%26dvpt%3D23%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1616096633887%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,23&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1616096633601&sdkv=h.3.447.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUiAQDyUAANhBKAE6B3Vua25vd25CB3Vua25vd25IygJQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		441 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fab90b20a6be53c102880f2f8ab5e73e7bd5848490bb42745de18a576d13fdd3

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		674 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a59e8d8491b501831dd2cb45a4ef16eb2aa3c8c52a80d185d39e257917472bd7

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=STARTED&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=IMA&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=1219&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.9756779040138055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=IMPRESSION&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=1220&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.5900338926043973
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:53 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame A800 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
119071
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame A800 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
119071
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame A800 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
119071
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame A800 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
119072
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:21 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame A800 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
119071
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
css
fonts.googleapis.com/ Frame A800 		6 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 19:13:35 GMT
server
ESF
date
Thu, 18 Mar 2021 19:43:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 19:43:53 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17000995938453099090/ Frame A800 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17000995938453099090/downsize_200k_v1
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc94345d16989d047afacd8eda3677bc5a3cc46cd330e4c03ddac5aa5f16a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 08:46:49 GMT
x-content-type-options
nosniff
age
39424
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189056
x-xss-protection
0
last-modified
Tue, 27 Oct 2020 12:16:19 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Mar 2022 08:46:49 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16978573578475526454/ Frame A800 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16978573578475526454/downsize_200k_v1?w=100&h=100
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024196ff47e620c1e0164da3573b4ef81956ee0664df5bfe9f6e2431b55b40b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 04:36:27 GMT
x-content-type-options
nosniff
age
140846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2865
x-xss-protection
0
last-modified
Tue, 27 Oct 2020 10:19:06 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 04:36:27 GMT
truncated
/ Frame A800 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A800 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73f5f00a595a534c43e2bf470375be89ad32a37625e5d38552a91572641a225e

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A800 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:41:52 GMT
x-content-type-options
nosniff
server
cafe
age
121
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Fri, 19 Mar 2021 19:41:52 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A800 		344 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 09:05:22 GMT
x-content-type-options
nosniff
server
cafe
age
38311
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 19 Mar 2021 09:05:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A800 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJpwhea1TYMicCpqs3gORwobYCZ_wtOxhwvKMhKYMloLNhYgWEAEgqoDDImD1lc6B4ASgAYjQ1LkDyAEJqQKxngu78hOyPuACAKgDAcgDCqoEgwJP0MkO1ybC8gLrAOK2dIoX-NrI7O9Hdj0Mn0YsYm5XktM1D8ceIeY5LRztR2nFrfwGTscX5z9iQO716OWKL8BbzFvV_HAh5-OftfZAqwMYVm4d-v8ggTcLZMPj81fINciXfktlIxoOQBELVcawlXJf8gUZwbENfAPALiNyOs_G1dfRG3_ExaUpEWF2MAPqlo1518IQGiQcBTa0ho1ZjShBQFIxUlrJNZq_A2_rWzu9TjPy2py4DrKiTl6ucgYDHDHygbtwGeMnTHbGSPggsAkGD95VEXlS9m6Dm-YLVd4QqPGVWUmghUJyKOjBgp7lObpycvMbYFGpKE_MZGH45MPE5-DJwASih6uwiQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH4K-rRqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDK4hjSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEw2IFA2yFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=qxFGfeYkn44&template_id=484&tpd=AGWhJmuPVnd5rhlEoOd9tdwUDAx26fAn8bFwta-DwyQfuOwRiw
Requested by
Host: vymaps.com
URL: https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 3545 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/hhrtBw21.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Fri, 12 Mar 2021 19:00:47 GMT
expires
Sat, 12 Mar 2022 19:00:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
520986
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A800 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:41:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
75723
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Thu, 17 Mar 2022 22:41:50 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A800 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
85882
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 17 Mar 2022 19:52:31 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=VIEWED_0&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&typeA=PRE&contentTypeA=VIDEO&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=1336&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.379322673664658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:54 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js
pagead2.googlesyndication.com/bg/ Frame 3545 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 10:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
32550
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5656
x-xss-protection
0
expires
Fri, 18 Mar 2022 10:41:24 GMT
playback
s.youtube.com/api/stats/ Frame 8BCB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44729226&el=adunit&cpn=rXp-5YgnZysnzII7&docid=i53AjFqkSic&ver=2&cmt=0.193&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fvymaps.com%2F&len=21.060&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=19&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::65 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame BF0F 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kmfa7j5f&c=3673274459425&slotId=1836637229712.5&qqid=CL3U9o3Nuu8CFf7juwgduW8G0Q&gqid=ea1TYPj6BtGQ7_UP17CW2Ac&fb=ima-html5&sdkv=h.3.447.1&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kmfa7j5h~vss_tr.ha~vss_pp.xu
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4002:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kmfa7j75&c=3673274459425&slotId=1836637229712.5&ps=0x0&met.4=hvd_lc.kmfa7j75~hvd_ad.kmfa7j75~hvd_mad.kmfa7j75~hvd_admu.kmfa7j75~hvd_src.kmfa7j75
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4002:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3545 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.447.1&bgai=BeMSVea1TYP2zCP7H7_UPud-ZiA0AAAAAOAG6BRMIuJv1jc267wIVUci7CB1XmAV7&bg=!bm2lbSnNAAbUo7L91KM7ACkAdvg8Wtq1rdBTytknOP8hwDE3OfWPzpco4wNP8_Kbb972qsw3J-dmBAIAAACCUgAAAAxoAQcKAKTpB8F2PdbDScq0ex4i0i2OIV9wfBLvDpr9Ncj3k5FR8pqrRZLu8cy_JK3iUDtEClwMZ-RrXD_znYQMTAcQDPW7y6V7Ly-nD-5LMdsjpA_YnF9_WEE3i4ew7BaOSwRzxXqF41S9KT6ukGdOG01MwN8vA3XVM4d1zVKla-9fJoex9BMfrfDdF26YxBJjWxwt69zP0EhHJmGFUUitX-vaohVX0FFCx5kB5dSgw6--uLYHnOcAywFjj12x5RDhxEf8F6aEw1POWRxwAY6sD6GigMZ65FKPzcQ7lZ8h5FUVGBtsOmGqbUjnbHnaCC17xTFrjhNrzUiCawHym7xBLqUQ5GE7qPn53v7VD8D9TzoQXlSudSryMcnoc9NzNPbjkYvVD8qWecyow2nRdGLDw_ys11tWKIZvnHwn0dE2xg6HPNDmGC0atZMd01QwLNOKnfIE6XMb5dmmFg120yZcAJhVNew-0SNWH5ENReqsi5HLbJwVKtQD4i4sC98B5T0EdnsXlVzb3W3kOheoJrPP4L1havwlRWZuQvANSgXK0IP2gHDWbO8iMzNSAxMRu86IfOXUw6bjHurItEHx_Lzr6lYQE8fof5N7xmQUay3ymN-I4QkwShjlIPR6GmWYOBfjzwhHc1dv_tbJyEgnU95CC5xQyrRvqdrTsxxrkv3ianoXV5MUo4gIQcaCVgwOMItW0TItJ-Q5WhNBriCvk_xnu8wCruaRDY6c4mQi0m72xepmKNW4TMTqZxEYdJJyC1eb8zr6C5nGbxNk7YQpfOH5MGwmzHWhTLWf2_J1Lw6ejL5esqTK8Ho39c_TuncywaYmbJp-pzLFugTyc57VEdWjnUXaKWYS2H-W3DQ7HKAgJ1I6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5821 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 18 Mar 2021 19:43:52 GMT
expires
Fri, 18 Mar 2022 19:43:52 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
86645057ba4817bae9835c203c8960c4.js
www.gstatic.com/mysidia/ Frame 5821 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/86645057ba4817bae9835c203c8960c4.js?tag=client_fast_engine_2019
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 11:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 03:37:36 GMT
server
sffe
age
30124
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2784
x-xss-protection
0
expires
Wed, 16 Jun 2021 11:21:50 GMT
3aa3fb99195f3894d7dec54cc5b479a1.js
www.gstatic.com/mysidia/ Frame 5821 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 15:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Mar 2021 09:49:38 GMT
server
sffe
age
187884
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3798
x-xss-protection
0
expires
Mon, 14 Jun 2021 15:32:30 GMT
css
fonts.googleapis.com/ Frame 5821 		2 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 19:11:21 GMT
server
ESF
date
Thu, 18 Mar 2021 19:43:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 19:43:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 5821 		2 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
891
x-xss-protection
0
server
cafe
etag
8551179781376740118
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:40:59 GMT
6248eab49cfd09ff78cd9d1acc91b01c.js
www.gstatic.com/mysidia/ Frame 5821 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6248eab49cfd09ff78cd9d1acc91b01c.js?tag=analytics_pingback_2019
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 03:13:35 GMT
server
sffe
age
264500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1296
x-xss-protection
0
expires
Sun, 13 Jun 2021 18:15:34 GMT
enabler_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/mysidia/ Frame 5821 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/mysidia/enabler_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11776a02549cb7f5387e0635ffddf291e6a935f912058d075e1c686259b8bf1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 18:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2773
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1609
x-xss-protection
0
server
cafe
etag
7970124482520132131
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 18:57:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 5821 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
15132876316592709121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:39:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 5821 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:41:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5821 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:43:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 5821 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 19:43:02 GMT
957c89dfc9e78dd5a0a3956da91f5358.js
www.gstatic.com/mysidia/ Frame 5821 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 10:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 03:13:35 GMT
server
sffe
age
32934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10839
x-xss-protection
0
expires
Wed, 16 Jun 2021 10:35:00 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5821 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQLxhELE048bakBIkkQUXBv7jn2ny727axSmi62XHS891bjJjadZjUdzGbOkV4&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f50cc663449462859420593b729f41a1ff3638b4461de30050d6adbc507f2602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 05:12:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 11:11:46 GMT
server
sffe
age
52273
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18165
x-xss-protection
0
expires
Fri, 18 Mar 2022 05:12:41 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5821 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ_fLDFdoc9KAtc33B_sdsDPGfsNUDawVValWC1QBv4XszlBgWF_2nYR4Kw1pM&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
577421ce333170329437a2889557a5fd04bfd5237d9e9dc16d9a675c781169e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 09:17:20 GMT
server
sffe
age
602441
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15468
x-xss-protection
0
expires
Fri, 11 Mar 2022 20:23:13 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5821 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTBAW5Nip7Rn4XvFasFJbIY6jK-x2RKQfCx4qXvlXLeh0YktqNuYz1pRFyPnA&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415c91ff601b858a9997389a8d10ebbed5d71c78318dd2f9518f6137a1f09e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 11:32:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 May 2020 07:27:09 GMT
server
sffe
age
461456
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43834
x-xss-protection
0
expires
Sun, 13 Mar 2022 11:32:58 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5821 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSUxgFcKJMBl1Kh7pnm7Sljvc2YAMWEwrtieWjynWx8MmOOeWAmOCpQMAGU9SU&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7460a80706fd2a5bfd0aa9d6ee5de0a81941a9cc1dc02962b6f2caa2d3d03fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 06:03:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 08:07:35 GMT
server
sffe
age
567653
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22700
x-xss-protection
0
expires
Sat, 12 Mar 2022 06:03:01 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5821 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSxZmwu1Azmcpbh-5J4rgo5O40l6c3G31_GPnEWIdPip4iw0K_IwxJBlt1Gow&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a654597d3e7f218e69d41dc01dfc5819782705e8608a4263db54d185a25da225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 07:53:51 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 May 2019 07:31:39 GMT
server
sffe
age
561003
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14781
x-xss-protection
0
expires
Sat, 12 Mar 2022 07:53:51 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5821 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSmYFnST2E5H_AcZicl7tOEcbj39eUl5IDbkbXruRQxhqE4MsB50jjlrHKVdg&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cab4de1078adaacfae986bd8b6f86d4b71e1d85af41f99a1a6a7dc89e32512b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 11:04:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 11 Oct 2020 09:22:01 GMT
server
sffe
age
463179
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24111
x-xss-protection
0
expires
Sun, 13 Mar 2022 11:04:15 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5821 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTVxnrarcGBCxzJRass8FhiMo1DUxtoaPaUp3D3_qxX9n9ffam5BehtzfqxHg&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0967cf1e69f29a627ac161e46eae701f97f2199abf98c70409578ed7bd184771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 06:34:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Aug 2019 07:42:06 GMT
server
sffe
age
47360
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23084
x-xss-protection
0
expires
Fri, 18 Mar 2022 06:34:34 GMT
truncated
/ Frame 5821 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab103b78b0000b1b51f2eac11be2a925823e2c0eaa336c3c277486cb393dfddd

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn2.gstatic.com/ Frame 5821 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS2_WE4r-Oc6dQzyz6uQySmBzJF4MArNG8PXDP-eFrGkQyUTKzu_58csL8whw&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f4218e52d8e82f75c9f9a1436fde2f05eb743b58aae5700372aebcb8a01643f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 20:32:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 07:59:30 GMT
server
sffe
age
256274
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17285
x-xss-protection
0
expires
Tue, 15 Mar 2022 20:32:40 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5821 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ9bSfegR7lPgnqZeQFBAFKFZPHnnmlRs4HRSPJewZOHWfbtoTaCJ7Ld3ag9A&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf669457b26696a284b598af8f97011be1f84a2072dc75a56dca30bf50c5d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 21:50:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2020 09:24:05 GMT
server
sffe
age
597189
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26773
x-xss-protection
0
expires
Fri, 11 Mar 2022 21:50:45 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5821 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSMGiKrP8EH9NLAjIb-AqEyKm7JCgn9-zKs2yKEB9ndRUhTCPSKdEOGFMPFW78&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d8c0279f591db1b173de5f4783736805aa5fa74dfa07d538b1f9636cb00ab0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 06:59:40 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Apr 2019 04:37:18 GMT
server
sffe
age
45854
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32450
x-xss-protection
0
expires
Fri, 18 Mar 2022 06:59:40 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5821 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRlq6IXHawiaA-8Wix5ub6lGebzrqNeg_LTf-SB8--nwuYkbFPfXD6B6LyfrPQ&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e01b572b7d5c9adc7ad416d210eb05cbc0806c17139676e0201faa9523c6fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 18:50:48 GMT
x-content-type-options
nosniff
last-modified
Sat, 10 Oct 2020 09:14:04 GMT
server
sffe
age
89586
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13848
x-xss-protection
0
expires
Thu, 17 Mar 2022 18:50:48 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5821 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRRheOXeWKqvS7_Gez3pQdfus-yzHvuL_woS0g9fcZDZEvCwVVJqBPfMtfE6jU&usqp=CAI
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44f0d67d23965ac989b7cca090c3bce1b1b588abde02ec18eb3c820d26327fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 08:00:24 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Dec 2017 09:18:06 GMT
server
sffe
age
560610
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30617
x-xss-protection
0
expires
Sat, 12 Mar 2022 08:00:24 GMT
17271363063767141871
tpc.googlesyndication.com/simgad/ Frame 5821
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDH-PuvLhCgBhigBjIIWRPH1URgOt0
  • https://tpc.googlesyndication.com/simgad/17271363063767141871
114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17271363063767141871
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdb45d2633aa6601e268bcca4ad41eb5d45347c4f691f2e22234806e9137fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:28:37 GMT
x-content-type-options
nosniff
age
263717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116546
x-xss-protection
0
last-modified
Wed, 29 May 2019 13:54:25 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Mar 2022 18:28:37 GMT

Redirect headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 19:43:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/17271363063767141871
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 17 Apr 2021 19:43:54 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5821 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Crdwdeq1TYLW0BeSDjuwP1-CewAXwpJOOX_CF15T2CbzZ_-7BFxABIKqAwyJg9ZXOgeAEoAGl1pjNA8gBCakCkLwQcdj-sz7gAgCoAwHIA5sEqgT9AU_QPEWSRU5yQeRx5Sdwsxc3Y8hdQHIdc3EE6-1hmIE74ZzSu388O2EpQ810kyhUXoduciQmSIhIJplPC1f6Fw-cDsBp4-yc08BVB50Qe-uQMhfKTnJXk7LstTXrAu4VCD5Dt8al5syrUWvAc1QF75E16NSFsDVbCwko7EARNnZingec5FnMo8Lqk2QXy4ixQrBQbX5DnbAGSDfZsn8WeCHCRAb4NnE_YY35pvWr0PwVZV7Fxr2CPAOA7luU11CWMtqaW4yh42F0M3_QTkeooNQbqgmD25H-x6605pKC0soG8MGGZyG8HlVZ9oPhoK3l2Bti9szG4JUWiNHIsf7ABOLN98ibAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfDqecyqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDmtwvSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEwuIFASYFgGyFxoKGAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNw&sigh=bFaJVmc7I5M&template_id=494&tpd=AGWhJmsB9mRhGFpk21Qd-M2ZO_NAHA2URaeUzHgyVyS58YINCQ
Requested by
Host: dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
URL: https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 5821 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31fab3ba40c01a4d075630310584d94910e37b87daf5ea650b35cba7468b3b57

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 5821 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
148
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Fri, 18 Mar 2022 19:41:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5821 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKBwgGKgMxMDAKDRADIQAA4AQAsFBAMAQKDRAKIQAAANqjsCdAMAQKDRANIQAAAAA8uY4_MAQKDRAeKgczNjB4MzAwMAQKDRAZKgczNjB4MzAwMAQKDRAOIQAAAABIt44_MAQKDRAQIQAAAAAAcqdAMAQKDRARIQAAAACA7M1AMAQKDRASIQAAAAAAABhAMAQKDRATIQAAAAAAAAhAMAQKDRAEIQAAgIYU1lNAMAQKDRAPIQAAAAAweoQ_MAQKDRAUIQAAAAAAGM9AMAQKDRAVIQAAAAAAACBAMAQKDRAWIQAAAAAAABBAMAQKDRAFIQAAgFmP4lNAMAQKDRAXIQAAIJDCFV1AMAQSGkNMWFpzSTdOdXU4Q0ZlU0Jnd2NkVjdBSFdBIhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5821 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKBwgGKgMxMDAKDRAYIQAAcPBRxGpAMAQSGkNMWFpzSTdOdXU4Q0ZlU0Jnd2NkVjdBSFdBIhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=VIEWED_25&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&typeA=PRE&contentTypeA=VIDEO&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=2411&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.600413752124652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:55 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
activeview
pagead2.googlesyndication.com/pcs/ Frame 5821 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNdC04dwUUQZ0mvi0iPWxtFY5CABnNhilNsl_hAAwzyt_ipexCJt3tq7dd4vpSe_3kqNuMGmPsgsRAFS1IJCpCMTDj8j-RrcnoQzLePPz35m4FN_f7f8elTj8v9GYD3_gUalXGERHRIIurX9GQ4vkN&sai=AMfl-YT96VlZGNedbZ1aNc1O4rxH572-XSa2V08NEoSwxDntAzgoRNBlr3VY1EfMhaL3FAf3rJYv-bKD_y88WX4g4m4I_AtGysRDa2gu33NVzCfQ5BXLu136_VpQv_Q0pllo&sig=Cg0ArKJSzCh4b3nGYjyWEAE&cid=CAASPeRo8fKjtZD8ilNVEz-PAI_5ZTAnPS1IAF1pG0Ku1RcdFWEj0Peb-eBIMccnvyQgEk0NyJTJh9t_TMpILzw&id=osdim&mcvt=1000&p=854,360,1154,720&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3182777670&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616096634474&dlt=9&rpt=2&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 36D2 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32671
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Thu, 18 Mar 2021 19:43:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1F99 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1616096632634
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1616096632634
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 164E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32671
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Thu, 18 Mar 2021 19:43:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 83DD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 19:43:57 GMT
Date
Thu, 18 Mar 2021 19:43:55 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1721 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 19:43:57 GMT
Date
Thu, 18 Mar 2021 19:43:55 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 09C2 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1616096632652
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1616096632652
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame CAA8 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1616096632635
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1616096632635
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vymaps.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0F59 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 19:43:57 GMT
Date
Thu, 18 Mar 2021 19:43:55 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7EC2 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vymaps.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://vymaps.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32671
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Thu, 18 Mar 2021 19:43:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BF0F 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttR8FmCxV9tzcUlzEA64_fFjK8uzaGz7NDa1khhoXenxgU8eUoOuYw_KJ6FxRlP_VhoonrnmzXcMgqwmE-uHapEhs8hOoxUhGrzr91DqbLTbU4yWrz52wQLSGM6w&sai=AMfl-YQeDXpis1DEAv6sFWiCMCiSFHbBNhkXJ62OI8UG9s5sU9LncYY1DYr9CBKeCcChtumHAm1SHsi1yeMwGg09pg0za04o0hTlrK6meIIH7Z2bLJrGt32a6KVHD5QLRCKT&sig=Cg0ArKJSzDf6vyiMO4X7EAE&cid=CAASPeRoRaZLO8Osugo3TTVMuXYtbkMDrsgPidmyCowZU-PigsLSiub2p2KVItp1sf375f1oHgcNYtDzvzTShyU&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26tos%3D2039,0,0,0,0%26mtos%3D2039,2039,2039,2039,2039%26amtos%3D0,0,0,0,0%26mcvt%3D2039%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2039%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D431%26pst%3D425%26dur%3D21060%26vmtime%3D1926%26dtos%3D2039%26dtoss%3D1%26dvs%3D2016%26dfvs%3D2016%26dvpt%3D2016%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1616096635903%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2039&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1616096633601
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 36D2 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=17210685&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
44ca71417185874db163642978c999c2597588018bf2de1ee000ee2edbcda180

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:55 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bounce
ib.adnxs.com/ Frame 1721
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid
38be6273-a868-47b1-b222-91484f93c129
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid
5ee2f7cd-22dd-4ef0-9e6b-c821661f11f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 83DD
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.238:80
AN-X-Request-Uuid
84f5e821-0083-418c-9dde-a42d68d4a8c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid
1ea65f6b-ba1a-4be3-bceb-d403032dee47
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 0F59
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.119:80
AN-X-Request-Uuid
6f994d53-c02d-45e3-9cdc-bf60c079e34b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid
c83a0d9e-bd4d-4f2b-8fc0-d4921ed364a0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame BE4A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5284218716346721713
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5284218716346721713
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=17210685&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=160120:2; KADUSERCOOKIE=06B97C60-4211-473D-A6AA-B7992F841E06; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_56_7_3_220_21_161_54%7C1617321600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 19:43:56 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5284218716346721713; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:43:56 GMT; path=/ PugT=1616096636; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:43:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 19:43:56 GMT; path=/
X-lat
lhrpug014:0:373
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5284218716346721713
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame EA29 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=17210685&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 18 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1276
x-powered-by
ASP.NET
date
Thu, 18 Mar 2021 19:43:55 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 36D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Brl8YEIRRz2mqreZL4QeBg%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Brl8YEIRRz2mqreZL4QeBg%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=37144
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 19 Mar 2021 06:03:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 36D2 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=06B97C60-4211-473D-A6AA-B7992F841E06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.google.com
access-control-allow-credentials
true
cf-ray
6320f3e7ebed9716-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e876c4ef000097166a8c2000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 36D2
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=06B97C60-4211-473D-A6AA-B7992F841E06&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=06B97C60-4211-473D-A6AA-B7992F841E06&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=06B97C60-4211-473D-A6AA-B7992F841E06&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:53 GMT
frontend-id
12
location
/pubmatic/1/info2?sType=sync&sExtCookieId=06B97C60-4211-473D-A6AA-B7992F841E06&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=06B97C60-4211-473D-A6AA-B7992F841E06&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=06B97C60-4211-473D-A6AA-B7992F841E06&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=06B97C60-4211-473D-A6AA-B7992F841E06&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=06B97C60-4211-473D-A6AA-B7992F841E06&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:56 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 18 Mar 2021 19:43:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=06B97C60-4211-473D-A6AA-B7992F841E06&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDZCOTdDNjAtNDIxMS00NzNELUE2QUEtQjc5OTJGODQxRTA2&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDZCOTdDNjAtNDIxMS00NzNELUE2QUEtQjc5OTJGODQxRTA2&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:56 GMT
X-lat
lhrpug020:0:356
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKa24CV-2eDfvRfjMiWPtsY&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKa24CV-2eDfvRfjMiWPtsY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:56 GMT
X-lat
lhrpug008:0:430
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKa24CV-2eDfvRfjMiWPtsY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 36D2 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 17 Mar 2021 19:43:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1642447523310932682
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1642447523310932682
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:54 GMT
X-lat
amspug016:0:422
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:56 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1642447523310932682
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c28e7aeb-01ee-4a51-a3a9-a80e6e872286
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c28e7aeb-01ee-4a51-a3a9-a80e6e872286
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:54 GMT
X-lat
amspug001:0:366
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c28e7aeb-01ee-4a51-a3a9-a80e6e872286
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:54 GMT
X-lat
amspug001:0:408
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 18 Mar 2021 19:43:59 GMT
Server
MT3 3611 f10363c master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 19:43:58 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3592681305984275541&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3592681305984275541&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:56 GMT
X-lat
lhrpug012:0:546
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:56 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.155:80
AN-X-Request-Uuid
8e674959-04d1-411a-81aa-496309c615d4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3592681305984275541&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 36D2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=e66cfc78-072c-4f5d-ab67-7d0c9cf0d2c3&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db63e6b7-f7c5-4625-8cea-61b7a9026ace&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db63e6b7-f7c5-4625-8cea-61b7a9026ace&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:55 GMT
X-lat
amspug015:0:415
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db63e6b7-f7c5-4625-8cea-61b7a9026ace&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 18 Mar 2021 19:43:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
async_usersync
ib.adnxs.com/ Frame 1721 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:57 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid
39af9770-3947-445b-b0d4-c0d322667370
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 83DD 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:57 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
8774ef88-116e-4173-b270-248cd150dadb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0F59 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:43:57 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid
62518166-2d4a-4401-af41-a2ea5c3877bc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 36D2 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160120&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 18 Mar 2021 19:43:57 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
truncated
/ 		626 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
showad.js
ads.pubmatic.com/AdServer/js/ Frame 164E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=06B97C60-4211-473D-A6AA-B7992F841E06; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_56_7_3_220_21_161_54%7C1617321600%3A35; KRTBCOOKIE_27=16735-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&16736-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23019-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23114-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8; PUBMDCID=3; KRTBCOOKIE_391=22924-1642447523310932682&KRTB&23263-1642447523310932682; KRTBCOOKIE_377=6810-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&22918-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&23031-c28e7aeb-01ee-4a51-a3a9-a80e6e872286; KRTBCOOKIE_336=5844-5284218716346721713; KRTBCOOKIE_57=22776-3592681305984275541; KRTBCOOKIE_80=16514-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&22987-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&23025-CAESEKa24CV-2eDfvRfjMiWPtsY; KRTBCOOKIE_466=16530-db63e6b7-f7c5-4625-8cea-61b7a9026ace; PugT=1616096635; SPugT=1616096637; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32667
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Thu, 18 Mar 2021 19:43:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7EC2 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=06B97C60-4211-473D-A6AA-B7992F841E06; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_56_7_3_220_21_161_54%7C1617321600%3A35; KRTBCOOKIE_27=16735-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&16736-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23019-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23114-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8; PUBMDCID=3; KRTBCOOKIE_391=22924-1642447523310932682&KRTB&23263-1642447523310932682; KRTBCOOKIE_377=6810-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&22918-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&23031-c28e7aeb-01ee-4a51-a3a9-a80e6e872286; KRTBCOOKIE_336=5844-5284218716346721713; KRTBCOOKIE_57=22776-3592681305984275541; KRTBCOOKIE_80=16514-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&22987-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&23025-CAESEKa24CV-2eDfvRfjMiWPtsY; KRTBCOOKIE_466=16530-db63e6b7-f7c5-4625-8cea-61b7a9026ace; PugT=1616096635; SPugT=1616096637; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32667
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Thu, 18 Mar 2021 19:43:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGjRyea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=WPvjfyKDRDA&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=video_skip_shown&ad_mt=5176&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26p0%3D869,825,1149,1305%26tos%3D5246,0,0,0,0%26mtos%3D5246,5246,5246,5246,5246%26amtos%3D0,0,0,0,0%26mcvt%3D5246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1034%26pst%3D425%26dur%3D21060%26vmtime%3D5176%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5246,5246,5246,5246,5246%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1616096639110%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5246%26ss0%3D0.07&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.07%26t%3D1616096633601&sdkv=h.3.447.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUiAQDyUAANhBKAE6B3Vua25vd25CB3Vua25vd25IygJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 164E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66119263&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
aed32af2d3b1a5d80eb030aa55def1e9208688e3e4cd2d158d5f4e4401b74f47

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:57 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame E44F 		35 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=06B97C60-4211-473D-A6AA-B7992F841E06
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66119263&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=06B97C60-4211-473D-A6AA-B7992F841E06
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1642447523310932682
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 18 Mar 2021 19:43:59 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1642447523310932682; expires=Mon, 17 May 2021 19:43:59 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 304F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVllVN0FwMXNBQUJWcmVDanBWdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABVYU7Ap1sAABVreCjpVw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2993226759592927215
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABVYU7Ap1sAABVreCjpVw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D2993226759592927215%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=2993226759592927215&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABVYU7Ap1sAABVreCjpVw&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVYU7Ap1sAABVreCjpVw
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVYU7Ap1sAABVreCjpVw
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66119263&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=06B97C60-4211-473D-A6AA-B7992F841E06; KRTBCOOKIE_27=16735-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&16736-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23019-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23114-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8; PUBMDCID=3; KRTBCOOKIE_391=22924-1642447523310932682&KRTB&23263-1642447523310932682; KRTBCOOKIE_377=6810-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&22918-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&23031-c28e7aeb-01ee-4a51-a3a9-a80e6e872286; KRTBCOOKIE_336=5844-5284218716346721713; KRTBCOOKIE_57=22776-3592681305984275541; KRTBCOOKIE_80=16514-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&22987-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&23025-CAESEKa24CV-2eDfvRfjMiWPtsY; KRTBCOOKIE_466=16530-db63e6b7-f7c5-4625-8cea-61b7a9026ace; pi=160120:4; chkChromeAb67Sec=2; DPSync3=1617235200%3A219_197_201_227_226_221%7C1616112000%3A174; SyncRTB3=1617235200%3A54_8_55_3_56_21_161_166_81_7_220_71_22_13%7C1616630400%3A2_15_223%7C1616889600%3A63%7C1618617600%3A203%7C1617321600%3A35; KRTBCOOKIE_153=1923-9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf&KRTB&19420-9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf&KRTB&22979-9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf; KRTBCOOKIE_22=14911-2539042921190263156; KRTBCOOKIE_1101=23040-6941082211690543257; SPugT=1616096638; KRTBCOOKIE_188=3189-b4a1c601-896d-408e-9deb-e72b0506ac92-6053ad7f-4348; PugT=1616096639; KRTBCOOKIE_218=22978-YFOtfwAAAHnOfVZV&KRTB&23194-YFOtfwAAAHnOfVZV&KRTB&23209-YFOtfwAAAHnOfVZV&KRTB&23244-YFOtfwAAAHnOfVZV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 19:44:00 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AABVYU7Ap1sAABVreCjpVw; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:44:00 GMT; path=/ PugT=1616096640; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:44:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 19:44:00 GMT; path=/
X-lat
lhrpug007:0:591
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 18 Mar 2021 19:44:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVYU7Ap1sAABVreCjpVw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame EF68
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941082211690543257
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941082211690543257
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66119263&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=06B97C60-4211-473D-A6AA-B7992F841E06; KRTBCOOKIE_27=16735-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&16736-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23019-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8&KRTB&23114-uid:2b126053-ad7b-4100-9bf3-e59bae5074c8; PUBMDCID=3; KRTBCOOKIE_391=22924-1642447523310932682&KRTB&23263-1642447523310932682; KRTBCOOKIE_377=6810-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&22918-c28e7aeb-01ee-4a51-a3a9-a80e6e872286&KRTB&23031-c28e7aeb-01ee-4a51-a3a9-a80e6e872286; KRTBCOOKIE_336=5844-5284218716346721713; KRTBCOOKIE_57=22776-3592681305984275541; KRTBCOOKIE_80=16514-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&22987-CAESEKa24CV-2eDfvRfjMiWPtsY&KRTB&23025-CAESEKa24CV-2eDfvRfjMiWPtsY; KRTBCOOKIE_466=16530-db63e6b7-f7c5-4625-8cea-61b7a9026ace; SPugT=1616096637; pi=160120:4; chkChromeAb67Sec=2; DPSync3=1617235200%3A219_197_201_227_226_221%7C1616112000%3A174; SyncRTB3=1617235200%3A54_8_55_3_56_21_161_166_81_7_220_71_22_13%7C1616630400%3A2_15_223%7C1616889600%3A63%7C1618617600%3A203%7C1617321600%3A35; KRTBCOOKIE_153=1923-9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf&KRTB&19420-9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf&KRTB&22979-9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf; KRTBCOOKIE_22=14911-2539042921190263156; PugT=1616096637
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 19:43:57 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941082211690543257; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:43:57 GMT; path=/ PugT=1616096637; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:43:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 19:43:57 GMT; path=/
X-lat
amspug009:0:500
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 18 Mar 2021 19:43:59 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941082211690543257; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941082211690543257
mw
mwzeom.zeotap.com/ Frame 164E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=06B97C60-4211-473D-A6AA-B7992F841E06
  • https://spl.zeotap.com/?zdid=1332&zcluid=faa625f8ab3016fa
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=833ee649-4a7d-4c15-7639-3c76d8613a2d&reqId=ab264912-914a-4f1d-7486-6846a95e26f8&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMp6ZbQqRZOvAqEucsk4fL0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=833ee649-4a7d-4c15-7639-3c76d8613a2d&reqId=ab264912-914a-4f1d-7486-684...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMp6ZbQqRZOvAqEucsk4fL0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=833ee649-4a7d-4c15-7639-3c76d8613a2d&reqId=ab264912-914a-4f1d-7486-6846a95e26f8&zcluid=faa625f8ab3016fa&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:44:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.google.com
access-control-allow-credentials
true
cf-ray
6320f40f8ecf9716-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e876ddb1000097163c268000000001

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:44:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMp6ZbQqRZOvAqEucsk4fL0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=833ee649-4a7d-4c15-7639-3c76d8613a2d&reqId=ab264912-914a-4f1d-7486-6846a95e26f8&zcluid=faa625f8ab3016fa&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2b126053-ad7b-4100-9bf3-e59bae5074c8
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2b126053-ad7b-4100-9bf3-e59bae5074c8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:58 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 18 Mar 2021 19:44:02 GMT
Server
MT3 3611 f10363c master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2b126053-ad7b-4100-9bf3-e59bae5074c8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 19:44:01 GMT
06B97C60-4211-473D-A6AA-B7992F841E06
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 164E 		43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/06B97C60-4211-473D-A6AA-B7992F841E06?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:43:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06B97C60-4211-473D-A6AA-B7992F841E06&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06B97C60-4211-473D-A6AA-B7992F841E06&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RAuJy7NE2uWZ3eoNd7zkFtMmyGdBUss-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RAuJy7NE2uWZ3eoNd7zkFtMmyGdBUss-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:58 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 18 Mar 2021 19:43:59 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RAuJy7NE2uWZ3eoNd7zkFtMmyGdBUss-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:59 GMT
X-lat
lhrpug015:0:502
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9NrNhqOOz9Pv2c-C-tzVh6DSwdDvjs6A99LRCOaf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFOtfwAAAHnOfVZV&gdpr=0&gdpr_consent=&_test=YFOtfwAAAHnOfVZV
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFOtfwAAAHnOfVZV&gdpr=0&gdpr_consent=&_test=YFOtfwAAAHnOfVZV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:59 GMT
X-lat
amspug003:0:456
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616096640.510105,VS0,VE0
x-served-by
cache-fra19137-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFOtfwAAAHnOfVZV&gdpr=0&gdpr_consent=&_test=YFOtfwAAAHnOfVZV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2539042921190263156&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2539042921190263156&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:57 GMT
X-lat
amspug006:0:503
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2539042921190263156&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 18 Mar 2021 19:43:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b46025a3-6bdb-4112-af0c-5b6a57957b54&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b46025a3-6bdb-4112-af0c-5b6a57957b54&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:57 GMT
X-lat
amspug015:0:402
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b46025a3-6bdb-4112-af0c-5b6a57957b54&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 18 Mar 2021 19:43:59 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 164E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b4a1c601-896d-408e-9deb-e72b0506ac92-6053ad7f-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b4a1c601-896d-408e-9deb-e72b0506ac92-6053ad7f-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:43:59 GMT
X-lat
lhrpug006:0:510
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b4a1c601-896d-408e-9deb-e72b0506ac92-6053ad7f-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 164E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=06B97C60-4211-473D-A6AA-B7992F841E06&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BF0F 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGjRyea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEjwJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRVlvXzmj77WXKLXPFBCziN-lIDDSeUjkwAT5w6TEvwPgBAGgBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=WPvjfyKDRDA&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=videoplaytime25&ad_mt=5426&acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26tos%3D5496,0,0,0,0%26mtos%3D5496,5496,5496,5496,5496%26amtos%3D0,0,0,0,0%26mcvt%3D5496%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5496%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1235%26pst%3D425%26dur%3D21060%26vmtime%3D5426%26dtos%3D3457%26dtoss%3D2%26dvs%3D3457%26dfvs%3D3457%26dvpt%3D3457%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5496,5496,5496,5496,5496%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D29,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1616096639361%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5496&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1616096633601&sdkv=h.3.447.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ0Njg3NzQ5OTgzNzIMNDk2NzUxODUyMzc3QM8CUiAQDyUAANhBKAE6B3Vua25vd25CB3Vua25vd25IygJQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 164E 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160120&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 18 Mar 2021 19:44:01 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
1
serving.stat-rock.com/v1/log/js/ 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1616096632793.1394&type=VIEWED_50&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&typeA=PRE&contentTypeA=VIDEO&u=https%3A%2F%2Fvymaps.com%2FBR%2FParana-Banco-S-a-Jardim-Paulistano-1134816926595973%2F&t=9011&v=82.opt&width=480&z=p%3Adf%3Bv%3AinBanner%3Bc%3Agoogima%3B&r=0.9691358182927416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://vymaps.com
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:44:01 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-max-age
86400
content-type
image/gif
access-control-allow-origin
*
srvf
78.140.185.32
content-length
35
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7EC2 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32664
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Thu, 18 Mar 2021 19:44:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EC2 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39555188&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d9a38c28b5fa3e0c25e08321fa3f496524f4034bd1be9c9f83ef0165cb920255

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:00 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIKq6QnPM0XQDwitsXb9OMg&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIKq6QnPM0XQDwitsXb9OMg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:02 GMT
X-lat
lhrpug018:0:385
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:44:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIKq6QnPM0XQDwitsXb9OMg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7EC2 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39555188&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:44:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 17 Mar 2021 19:44:02 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 99E2
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4420371981592730093
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4420371981592730093
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39555188&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=160120:4; KADUSERCOOKIE=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D; chkChromeAb67Sec=1; DPSync3=1617235200%3A221_201_227_226; SyncRTB3=1617235200%3A13_7_54_3_220_21_161_56%7C1617321600%3A35%7C1616889600%3A63; KRTBCOOKIE_27=16735-uid:cb3e6053-ad81-4300-9479-fae0050c69bc&KRTB&16736-uid:cb3e6053-ad81-4300-9479-fae0050c69bc&KRTB&23019-uid:cb3e6053-ad81-4300-9479-fae0050c69bc&KRTB&23114-uid:cb3e6053-ad81-4300-9479-fae0050c69bc; PugT=1616096641; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 19:44:02 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-4420371981592730093; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:44:02 GMT; path=/ PugT=1616096642; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 19:44:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 19:44:02 GMT; path=/
X-lat
lhrpug007:0:519
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4420371981592730093
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8977510431312260086
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8977510431312260086
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:00 GMT
X-lat
amspug013:0:346
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:44:02 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8977510431312260086
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c44303c-4762-4e20-a8c6-e5666b90c8cf
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c44303c-4762-4e20-a8c6-e5666b90c8cf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:00 GMT
X-lat
amspug001:0:378
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:44:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c44303c-4762-4e20-a8c6-e5666b90c8cf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usersync.aspx
dis.criteo.com/dis/ Frame 9A9C 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39555188&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer
https://www.google.com
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 18 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1143
x-powered-by
ASP.NET
date
Thu, 18 Mar 2021 19:44:02 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cb3e6053-ad81-4300-9479-fae0050c69bc&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cb3e6053-ad81-4300-9479-fae0050c69bc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:01 GMT
X-lat
amspug020:0:354
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 18 Mar 2021 19:44:05 GMT
Server
MT3 3611 f10363c master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cb3e6053-ad81-4300-9479-fae0050c69bc&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 19:44:04 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7034786816750057570&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7034786816750057570&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:02 GMT
X-lat
lhrpug017:0:456
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 19:44:02 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
8a00959e-0a9e-4b53-bb35-3f4203ee08a3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7034786816750057570&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wk5ZGML6Q8qdP0VCA9w_LQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wk5ZGML6Q8qdP0VCA9w_LQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=37138
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 19 Mar 2021 06:03:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:44:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7EC2 		95 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:44:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.google.com
access-control-allow-credentials
true
cf-ray
6320f40e8e659716-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e876dd1b00009716549e6000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 7EC2
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:43:59 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:02 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 18 Mar 2021 19:44:02 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5A4E5918-C2FA-43CA-9D3F-454203DC3F2D&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUE0RTU5MTgtQzJGQS00M0NBLTlEM0YtNDU0MjAzREMzRjJE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUE0RTU5MTgtQzJGQS00M0NBLTlEM0YtNDU0MjAzREMzRjJE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 19:44:02 GMT
X-lat
lhrpug001:0:341
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:44:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7EC2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=771952a45c9e44cb9b116ca11254bdb0&ssp=pubmatic&bsw_param=8ff7e4e0-278b-4c07-949a-dcf387dd6bad&gdpr=0&consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7e4e0-278b-4c07-949a-dcf387dd6bad&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
aclk
www.googleadservices.com/pagead/ Frame BF0F
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CM1eVea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkg...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CPkfIea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsu...
0
0
watchtime
s.youtube.com/api/stats/ Frame 1ACF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.176&rtn=20.000&ns=yt&fexp=44729226&el=adunit&cpn=rXp-5YgnZysnzII7&docid=i53AjFqkSic&ver=2&cmt=10.176&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fvymaps.com%2F&len=21.060&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::65 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7e4e0-278b-4c07-949a-dcf387dd6bad&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CPkfIea1TYP2zCP7H7_UPud-ZiA2l0qDoYb2D5t-ADfS7q7KrCRABIOqa_Cdg9ZXOgeAEoAGcr_uoAsgBBeACAKgDAZgEAKoEkgJP0AM9oRCv2fTExEd8wwcFqV9htw2D6bQUZtEgF5fQrsuAAkgtdV-f5enq9W-xGPT9DN3K0Gn1CmiW5a0YGh4F7xp0R73Pwsfje3MB3MBXScaftGz5q7EUJKa1gKtcUVuoJdL3NqKhUKJuvab2UaU040z7AvyE8dZ9Ny2aZs_qLBx9Apq8hNy53V9L4cZ-zfajsKKRLQhT-lVqgqPHYSsJH-4Xi_lmOQcDX9hjALCUktSi4AfbOMCrNFgsRJWT8aUyqNt0D1lygOeaKgr-yQa74lGpl3-e65gErAcCLuwg_4pGXYgP4WZ7VKNnyRZu-87yllqETFzSRQFurRKrhRSZun44jU5cEZMCrjt73wb-prPWwAT5w6TEvwPgBAHABW6gBlSAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTgzOTQ5MjMwMTA5Nzg5NDWaCRZodHRwczovL2hlcm8td2Fycy5jb20vsQnIAl9lI9sjaoAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggBgBcB&num=1&cid=CAASPeRoRaZLO8Osugo3TTVMuXYtbkMDrsgPidmyCowZU-PigsLSiub2p2KVItp1sf375f1oHgcNYtDzvzTShyU&client=ca-pub-2382012522979108&ctype=110&label=video_10s_engaged_view&ad_mt=10176&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D869,825,1149,1305%26p0%3D869,825,1149,1305%26p1%3D869,825,1149,1305%26tos%3D10246,0,0,0,0%26mtos%3D10246,10246,10246,10246,10246%26amtos%3D0,0,0,0,0%26mtos1%3D5496,0,0%26mcvt%3D10246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2237%26pst%3D425%26dur%3D21060%26vmtime%3D10176%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4750,4750,4750,4750,4750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D552%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D239139568%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1616096644110%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10246%26ss0%3D0.07%26ss1%3D0.07&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.07%26t%3D1616096633601&dblrd=1&uid=Ci0AZWm_UkHbS4rXq8xo0w2on98xLAP0_csk-JEpA4bYZNubQsK1bSUR_swM1tIQ-drOggYYDw&sig=AOD64_1J6FAGab7NM2vT_RvpDtje-9HPUQ&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightysticks8_h_21.dt-youtube.cid-12269775001.csd-050221.-%26l%3Dloot%26cp%3D-.cid-12269775001.agid-120133853689.tgid-.intgeo-.phgeo-1003297.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-496751852377.pt-vymaps.com_pt.ptc-.-

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| giftofspeed3 object| godefer3 object| giftofspeed object| godefer object| giftofspeed2 object| godefer2 function| report_broken_link function| request_deletion function| embed_url function| suggest_edit function| show_gm function| show_osm object| fr object| google_tag_manager number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| googletag object| AdSlotCollection object| pbjs325474 object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData boolean| __isGoogleAllowed object| __isFromEUPromise function| AdPlayerPro function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| Criteo object| ggeac object| google_js_reporting_queue object| DMVAST function| playerPro function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_211594 object| closure_lm_804251 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

4 Cookies

Domain/Path Name / Value
.vymaps.com/ Name: _gid
Value: GA1.2.880302521.1616096632
.vymaps.com/ Name: _ga
Value: GA1.2.1154705324.1616096632
.vymaps.com/ Name: _gat_gtag_UA_39508141_54
Value: 1
vymaps.com/ Name: PHPSESSID
Value: c3e366bbe080dfe0f58c61a38f1b9b10

5 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js(Line 6)
Message:
[GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js(Line 6)
Message:
[GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js(Line 6)
Message:
[GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js(Line 6)
Message:
[GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://vymaps.com/BR/Parana-Banco-S-a-Jardim-Paulistano-1134816926595973/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.ch
adservice.google.com
adx.adform.net
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
csi.gstatic.com
d5p.de17a.com
dbfded274c48d9172077b75f3779ddfd.safeframe.googlesyndication.com
dis.criteo.com
dsp.adfarm1.adition.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r2---sn-1gieen7e.googlevideo.com
r2---sn-4g5ednek.googlevideo.com
rtb-csync.smartadserver.com
s.youtube.com
s0.2mdn.net
securepubads.g.doubleclick.net
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
stat.optad360.mgr.consensu.org
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tag.1rx.io
tile.openstreetmap.org
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
vymaps.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.openstreetmap.org
x.bidswitch.net
simage2.pubmatic.com
www.googleadservices.com
104.108.144.200
104.108.144.214
142.250.185.162
142.250.186.34
148.72.210.237
151.101.14.49
159.65.197.210
169.50.137.190
178.250.0.165
178.250.2.151
18.156.0.31
18.196.233.38
185.184.8.30
185.29.133.199
185.33.220.242
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.139.115
198.148.27.139
2001:678:cb4:bbbb::11
2001:978:2:2c::172:d
213.155.156.184
213.19.147.210
2600:9000:206f:800:6:b871:4f00:93a1
2600:9000:2182:f600:11:a4de:2580:93a1
2606:4700:10::6816:1957
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:53::8
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200a
2a00:1450:4002:801::2003
2a00:1450:400a:8::7
2a00:1450:400c:c09::9b
2a00:1450:400c:c1b::65
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2040
2a04:4e42:1b::621
2a04:4e42:1b::729
35.201.96.126
37.157.2.235
37.157.4.24
51.210.112.63
51.38.120.206
52.214.70.9
52.28.120.199
54.194.211.3
63.32.128.23
66.155.71.25
77.243.60.138
78.140.185.32
85.114.159.93
024196ff47e620c1e0164da3573b4ef81956ee0664df5bfe9f6e2431b55b40b9
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
0551c68481c29ba9c5daec9c488f380352b81235602f6dcc0b33ff2f0c29c0c2
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0967cf1e69f29a627ac161e46eae701f97f2199abf98c70409578ed7bd184771
0b061d883fdd93ccb59569ff3fa3614c36af5e71537ab328440602624e52ffcc
0cf669457b26696a284b598af8f97011be1f84a2072dc75a56dca30bf50c5d19
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
11776a02549cb7f5387e0635ffddf291e6a935f912058d075e1c686259b8bf1c
17a9002ac8a52b211e82e6dad93f710c6a396e2cafc546ec2a61fcc35c82ef50
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a86a0edff4a9ef945303720bc37980aadd31bde286b4c726fb5be33e490f340
1df95b226ba28a770a8d3aae9105878511a0b8eb6cdc9a4d15d4d89d26ffda0b
1f27de7fccfd62b872b9aa0b61085ecf5b07fe8841b4c7eb4243406d7158fe6c
222b380d438f6508ba0a3d4bdb1bc659b83fb162ba2754985b9407d8f10812c7
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
278f003df0c26e51fe43b2666704d4c59cd2ab4bd4b5981d36ce889ba45990d8
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2bbaf85ccece0099002a190bb3790357b82142b6fe0506c1e222cee8984e6ff2
2dc94345d16989d047afacd8eda3677bc5a3cc46cd330e4c03ddac5aa5f16a98
2e01b572b7d5c9adc7ad416d210eb05cbc0806c17139676e0201faa9523c6fd4
31fab3ba40c01a4d075630310584d94910e37b87daf5ea650b35cba7468b3b57
324304300b8ff46b6520090aed400c5044f17673cdd930d9431dccc32c19ef34
334263ebd77a6466a27c622d0463d832649879f48eb70221e7db0650c430e1e4
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b2fc52067ea3825be6de3639082f0909c1e19a5568a4bea8d7501c0c79622ed
3cdb45d2633aa6601e268bcca4ad41eb5d45347c4f691f2e22234806e9137fcc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eef03a0d3e4806139fe69a24d8c8017d666bc7ffae9b2b8b6566268adbe9d8f
415c91ff601b858a9997389a8d10ebbed5d71c78318dd2f9518f6137a1f09e83
4351e7c75c168f06ebad7d5e80be6197991771f0888476daff4bdf6dbe504151
44ca71417185874db163642978c999c2597588018bf2de1ee000ee2edbcda180
44f0d67d23965ac989b7cca090c3bce1b1b588abde02ec18eb3c820d26327fbb
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4ca8ee087d2ab929975531c89f721db12ccf2de9f3184174ae9cc80e046c026d
4d8c0279f591db1b173de5f4783736805aa5fa74dfa07d538b1f9636cb00ab0b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
56c6b95dccc628d32c02b1838e32ffbf2aba49b2012e72829d9566ba0a30d450
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
577421ce333170329437a2889557a5fd04bfd5237d9e9dc16d9a675c781169e5
5a8a8dafea85147b7a14a0fe4f8292c63b605d93c1cad2d02e1d92ad3599d189
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667f630979c24c0380420f9bb950167914b71e0b4007fbb9c71c4e4b8f5e9f12
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be976f68ea8f7910100178760a6be09f7a85a35bec4ceb610569007b288e989
7172296fa04b1488df5301a51e10cf3ce973bf51ce7946f2616b557e7ade8fb3
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73f5f00a595a534c43e2bf470375be89ad32a37625e5d38552a91572641a225e
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
77c96ab73449d4f738af48ae6fc8c6df49b681f4013f5c112506efef1c811f50
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7c7c5d803f05b77dc31c4184e5fcf8b206806a1a99ab7569f64d6867e2bf6134
7da22511eaa997140ea43f7c0e5f732df19e1910c5cf8bdfc3e3b2782cd7b782
7dc1e23e30b5dfc5c8cdfd0d9699dfe5383e0c7d2a2fe29beb3d473ca45927f4
7f4218e52d8e82f75c9f9a1436fde2f05eb743b58aae5700372aebcb8a01643f
83009062173e38bd4d51ca32a45b229a36ff7e08d5f537f7258ae4e4cff5dffa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
84b45efa47684164dffe494b30409dc7b6c805efa89eea530ced8900797ffe58
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
89642fbbf4feeb496871605d6d9c64b0e285ad6edfc3f3fb874ee1e0bfc26734
8a16b1047e87c9487d366e371712da2f654c3b09f5fc5b2e43817b92ec88ba7e
9005b1572402e9923bb99215d054f12e24a60b61293c00dd8337a1d19534d454
9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
96a72659a5c7711afb54369e2dcb9e1568bc720022a7dff6cd0d86a99f3fc982
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59e8d8491b501831dd2cb45a4ef16eb2aa3c8c52a80d185d39e257917472bd7
a654597d3e7f218e69d41dc01dfc5819782705e8608a4263db54d185a25da225
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c
aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab
ab103b78b0000b1b51f2eac11be2a925823e2c0eaa336c3c277486cb393dfddd
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
aed32af2d3b1a5d80eb030aa55def1e9208688e3e4cd2d158d5f4e4401b74f47
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b99dc37e5c848d50b7a4b3565d3ca152589cc7da67c02c3d05b60237e83c7b3c
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c7460a80706fd2a5bfd0aa9d6ee5de0a81941a9cc1dc02962b6f2caa2d3d03fc
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cab4de1078adaacfae986bd8b6f86d4b71e1d85af41f99a1a6a7dc89e32512b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d384f44a80c581a8bc4eaa797e89471744206743c9ba9cd1c889020fa71a085d
d548d1205700925bbe9816591f74ff101f4e590fdc098d67c4256c8a16e2c70a
d9a38c28b5fa3e0c25e08321fa3f496524f4034bd1be9c9f83ef0165cb920255
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a069cfa2640a6aa77d8cef1f436cdae102ba2ada68a29f1b9c3223c804dbbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e4dde88cb60ed88aed07a5fb3ea6bcb3dd22b9dfb335ef84a11e1cf7e41e98e1
e62520b5dfa269873d8a80d515353b5b874e30330e51025a17209cadbdaf9c19
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef543d178ff58f0265fd09ec0eae0616d0e7d526e4263bb5faf166e5bba4fb2d
f0951a64df50b284305037a7d7603ad6dc669654d79740455feb3c7d37dd3b05
f1f3fd9aa5d2f2ecb632ad80ec2f1ba327594d36088e6f26a56f811db239db50
f50cc663449462859420593b729f41a1ff3638b4461de30050d6adbc507f2602
fab90b20a6be53c102880f2f8ab5e73e7bd5848490bb42745de18a576d13fdd3