quiz.creditis.com.br Open in urlscan Pro
2606:4700:3030::ac43:c174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://quiz.creditis.com.br/
Submission: On January 06 via api (January 6th 2023, 12:05:11 am UTC) from JP — Scanned from JP

Summary HTTP 158 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 36 domains to perform 158 HTTP transactions. The main IP is 2606:4700:3030::ac43:c174, located in United States and belongs to CLOUDFLARENET, US. The main domain is quiz.creditis.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 11th 2022. Valid for: a year.

This is the only time quiz.creditis.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3030::ac43:c174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2008	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80b::200e	15169 (GOOGLE) (GOOGLE)
23	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c01::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:811::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80a::2002	15169 (GOOGLE) (GOOGLE)
2 9	2404:6800:400... 2404:6800:4004:826::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
34	2404:6800:400... 2404:6800:4004:824::2001	15169 (GOOGLE) (GOOGLE)
2 4	172.217.174.102 172.217.174.102	15169 (GOOGLE) (GOOGLE)
3 3	52.220.190.50 52.220.190.50	16509 (AMAZON-02) (AMAZON-02)
1 30	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
1 1	2406:da18:929... 2406:da18:929:5a00:6830:e0b:9bd7:2183	16509 (AMAZON-02) (AMAZON-02)
2 2	18.179.190.27 18.179.190.27	16509 (AMAZON-02) (AMAZON-02)
3 3	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
2 2	18.182.177.8 18.182.177.8	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4006:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4004:813::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:2b::7	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	74.118.186.44 74.118.186.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
2 2	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
2 2	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2404:6800:400... 2404:6800:4004:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	54.81.22.167 54.81.22.167	14618 (AMAZON-AES) (AMAZON-AES)
2 3	51.79.234.100 51.79.234.100	16276 (OVH) (OVH)
2 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
2 2	23.219.68.21 23.219.68.21	4230 (CLARO S.A.) (CLARO S.A.)
1 1	18.177.208.182 18.177.208.182	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
158	24

7 2606:4700:3030::ac43:c174 (United States)

ASN13335 (CLOUDFLARENET, US)

quiz.creditis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80b::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:826::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.174.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.220.190.50 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-50.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.251.42.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Itabashi-ku, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.11.95 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:6830:e0b:9bd7:2183 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.179.190.27 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-190-27.ap-northeast-1.compute.amazonaws.com

dynalyst-sync.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.84.60.23 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.182.177.8 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-177-8.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4006:813::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:813::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:2b::7 (Australia)

ASN15169 (GOOGLE, US)

r2---sn-oguelnzs.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.118.186.44 (Singapore) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.63 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.21 (Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.22.167 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-22-167.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.234.100 (Singapore) 2 redirects

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.219.68.21 (Tokyo, Japan) 2 redirects

ASN4230 (CLARO S.A., BR)
PTR: a23-219-68-21.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.208.182 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-208-182.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.127.253.7 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	627 KB
52	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 ad.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	225 KB
11	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	159 KB
11	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
7	creditis.com.br quiz.creditis.com.br	81 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	236 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
4	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 34264 www.google.co.jp — Cisco Umbrella Rank: 12912	1 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	832 B
3	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 2379	646 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 871	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1172	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	191 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3224 onesignal.com — Cisco Umbrella Rank: 951	71 KB
2	id5-sync.com 2 redirects id5-sync.com — Cisco Umbrella Rank: 522	3 KB
2	inmobi.com 2 redirects sync.inmobi.com — Cisco Umbrella Rank: 1643	1 KB
2	media.net 2 redirects cs.media.net — Cisco Umbrella Rank: 2232	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 497	959 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 670	3 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 775	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 791	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1178 s.tribalfusion.com — Cisco Umbrella Rank: 2747	1 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 2955 r2---sn-oguelnzs.gvt1.com	1 MB
2	uncn.jp 2 redirects ds.uncn.jp — Cisco Umbrella Rank: 19942	1 KB
2	adtdp.com 2 redirects dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 53458	922 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6315	233 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 16233	305 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014	694 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13696	576 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675	632 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723	715 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 55605	684 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 35793	665 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	698 B
158	36

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net quiz.creditis.com.br tpc.googlesyndication.com pagead2.googlesyndication.com
30	cm.g.doubleclick.net	1 redirects quiz.creditis.com.br googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	quiz.creditis.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com quiz.creditis.com.br googleads.g.doubleclick.net
9	www.google.com	2 redirects quiz.creditis.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	quiz.creditis.com.br	quiz.creditis.com.br
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ad.doubleclick.net	2 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	onetag-sys.com	2 redirects
3	rtb.openx.net	3 redirects
3	c1.adform.net	3 redirects
3	pm.w55c.net	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	quiz.creditis.com.br www.googletagmanager.com
2	id5-sync.com	2 redirects
2	sync.inmobi.com	2 redirects
2	cs.media.net	2 redirects
2	eb2.3lift.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	secure.adnxs.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	ds.uncn.jp	2 redirects
2	dynalyst-sync.adtdp.com	2 redirects
2	www.google.co.jp	quiz.creditis.com.br
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	cdn.onesignal.com	quiz.creditis.com.br cdn.onesignal.com
1	rtb2-useast.e-volution.ai	googleads.g.doubleclick.net
1	v9999.adv.admeme.net	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	im.bluevoox.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	r2---sn-oguelnzs.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	sync.fout.jp	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	onesignal.com	cdn.onesignal.com
158	47

This site contains links to these domains. Also see Links.

Domain
creditis.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-11` - `2023-10-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://quiz.creditis.com.br/
Frame ID: 5358183E2A09B6E0914912F4EF9BA55C
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 1079C12A037FC1365BA38E3A28767446
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&adk=293675617&adf=814277786&lmt=1672963506&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fquiz.creditis.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963506625&bpp=4&bdt=1436&idt=234&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1997113556880&frm=20&pv=2&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: CD05563FC014AD3E2A4C9325A0AEF6B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&slotname=2057537106&adk=3783351431&adf=2870813758&pi=t.ma~as.2057537106&w=1200&fwrn=4&fwrnh=100&lmt=1672963506&rafmt=1&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963506629&bpp=2&bdt=1440&idt=251&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&alvm=r20230103&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8QBuIrQ7IY&p=https%3A//quiz.creditis.com.br&dtd=255
Frame ID: 4973215DFD608CF111F6F176A9E2DAE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=252081522&adf=2792719854&pi=t.aa~a.526341454~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672963507&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3830565116&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507782&bpp=1&bdt=2593&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5eXJKIw8uk&p=https%3A//quiz.creditis.com.br&dtd=5
Frame ID: 15A91CD496BFF68783E9BD6630E6E6C1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=3036045525&adf=3964850271&pi=t.aa~a.3559513600~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DN0oeyvwxO&p=https%3A//quiz.creditis.com.br&dtd=6
Frame ID: FD3F79B48A9D4C72E97E876EABFF8888
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9
Frame ID: 6903222250FA71AFB73A370A32F11C34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: C4CA6D930EA653D981BC58B08226BAF1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: CE46F5273EE3C7CEA05A0C9517C62EBF
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html
Frame ID: A00960A091E7DF0467C1B1EBAC345300
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 55F481C8AD5EE352F8A3DA354E5532BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 799B5A9C06C41441D92BBE7099AE2CD8
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019
Frame ID: 090F52B7266B171DBAC8EF4CF51E051A
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8EAC25ECD1F508495429CD64A135350
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html
Frame ID: B9D312A84C6A28D1276A377143F54F67
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CI_GgN3SsfwCFThVDwId_20OJA;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: CEE3CFCE6E70DBF7BE7EFCA61010B772
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8B6E962FA606AFB217AF3F824E101051
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 847FB0E1081002EC4E83504F907701B0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EA3E650FC73B3FE8D7E63D6F77D04E3B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: AED848ACE2EA8A18B925AF05EE2251B8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: EE3A184209D560A37340F750EC2557B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: D865B88FC8A1B60AD9A2A076970CFD99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1AFB30519AB6C3F295A68FF4747596B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30C71F05932F417207BFC7DD943ED3D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Encontre Seu Cartão de Crédito

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

80 %
HTTPS

49 %
IPv6

36
Domains

47
Subdomains

24
IPs

8
Countries

2880 kB
Transfer

6035 kB
Size

44
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://creditis.com.br/politica-de-privacidade
Title: Garantias de privacidade

Search URL Search Domain Scan URL

URL: https://creditis.com.br/termos
Title: Termos de uso

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CL_Q9NzSsfwCFSlADwIdBbcPCg;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 52

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0NytxKW7Ky6puKBT0e7XRvoCHsoqkRDmnh0Yeg6H1DFGHLlDn1hoqL5CYdlss3ZQrfzdFEumVcfVCfW-rgm1CsV1C_8k9_5XCk HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0NytxKW7Ky6puKBT0e7XRvoCHsoqkRDmnh0Yeg6H1DFGHLlDn1hoqL5CYdlss3ZQrfzdFEumVcfVCfW-rgm1CsV1C_8k9_5XCk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0NytxKW7Ky6puKBT0e7XRvoCHsoqkRDmnh0Yeg6H1DFGHLlDn1hoqL5CYdlss3ZQrfzdFEumVcfVCfW-rgm1CsV1C_8k9_5XCk

Request Chain 53

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEPcZ5bua1bl50iSIMEOZIa8&google_cver=1&google_push=AavPq0PId32PhBzqh54vKEPXU8RS_b-SuAWB7vE-HrLQQyN0YqPkZ4X0OoxRExYaxYYFnvNaj7fyLwqsSd3VJ_oKR3jx3uRSLfGzfmIK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0PId32PhBzqh54vKEPXU8RS_b-SuAWB7vE-HrLQQyN0YqPkZ4X0OoxRExYaxYYFnvNaj7fyLwqsSd3VJ_oKR3jx3uRSLfGzfmIK&google_hm=X0lJeUNIQjJCVzBGQTVYVWhxRmVLdEVsOEhj&from_google=sp1

Request Chain 54

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECSyzKavUHKhm6H4ijg1N4Y&google_cver=1&google_push=AavPq0MOlTDLZKNgb5t-7f8VU79rkpO-mjhN_DP5-nDJL2KKUo0hDchCcW-sHFGLg0KvZ_EoCYCGaI39lUfzLYLllV1IXW4Xs_tP9vqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0MOlTDLZKNgb5t-7f8VU79rkpO-mjhN_DP5-nDJL2KKUo0hDchCcW-sHFGLg0KvZ_EoCYCGaI39lUfzLYLllV1IXW4Xs_tP9vqQ&google_hm=NTJKMDU3MDE0QkRHYTAwN0YyOU8

Request Chain 55

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECcm3Qt8WiPL-Nrq38gDKPc&google_cver=1&google_push=AavPq0M8qn86jMVaTgZLT0mFRo7G2ZbCASh0kdtX5CfkdqJxXZY2j459nCJRn9oAX8tBYxFw38nr24nSY2Fb50D_SgeXlQ6SLieBw-Rl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M8qn86jMVaTgZLT0mFRo7G2ZbCASh0kdtX5CfkdqJxXZY2j459nCJRn9oAX8tBYxFw38nr24nSY2Fb50D_SgeXlQ6SLieBw-Rl&google_hm=eS1NazJWRFJ4RTJwSGtObzVVdTE2Nkw4Qk9oVHpTclRWRH5B

Request Chain 56

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEOujc2SUMQsqvBcP695ZJQ0&google_cver=1&google_push=AavPq0OhKDGifdyPYXxXTSNsv1e_nPOZsaga1sa6TDLgeZjoKj7B92vrvaHppGiU294UK-z0jeTH-r7f_js0a6XHdZI82JXrcu9OJd1F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0OhKDGifdyPYXxXTSNsv1e_nPOZsaga1sa6TDLgeZjoKj7B92vrvaHppGiU294UK-z0jeTH-r7f_js0a6XHdZI82JXrcu9OJd1F

Request Chain 57

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOREL6PDkItLAUFJt4tQQqk&google_cver=1&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVKbRyYXrYBkp80ETPUU3vmGlDpW3 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOREL6PDkItLAUFJt4tQQqk&google_cver=1&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVKbRyYXrYBkp80ETPUU3vmGlDpW3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVKbRyYXrYBkp80ETPUU3vmGlDpW3

Request Chain 58

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELGgyyOjUJOQX9ak0xghWvw&google_cver=1&google_push=AavPq0NuRZi3ktG56e5ntUMrAchzm90cIbQRfIuWK3vxTFnFCOJB4_BpUrJZKPtZ-F1IfJFUG44EXJG3aoCofgkWr4UGMo9WHTwC073C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NuRZi3ktG56e5ntUMrAchzm90cIbQRfIuWK3vxTFnFCOJB4_BpUrJZKPtZ-F1IfJFUG44EXJG3aoCofgkWr4UGMo9WHTwC073C&google_hm=AT9XDOsWSEkKjWrGGwBPba0

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CI_GgN3SsfwCFThVDwId_20OJA;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 103

https://redirector.gvt1.com/videoplayback?id=d5ce2b4e00d4c57f&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1672970707&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=AF17B23E57141D46A668E5997C084D6F61A005D1.5C548281BBA4E39DCA2A98C1614209B0E0CEB233&key=ck2 HTTP 302
https://r2---sn-oguelnzs.gvt1.com/videoplayback?id=d5ce2b4e00d4c57f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1672970707&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4253B4179BF76570496EEFD1EFD91A06214DE72B.65768A58B32EB76925DD4E681FC958279BF93837&key=cms1&cms_redirect=yes&mh=VV&mip=2a00:1633:128:4::4&mm=28&mn=sn-oguelnzs&ms=nvh&mt=1672962013&mv=u&mvi=2&pl=32

Request Chain 116

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPl-TA-O4PtQGV5QSmeQ92s&google_cver=1&google_push=AavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPl-TA-O4PtQGV5QSmeQ92s&google_cver=1&google_push=AavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 117

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEHnHM5zAKNmXf3nyv1ed9IQ&google_cver=1&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv2X2hhdM-hwK2wL4ti7XIdnjqGIPM8I6VA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEHnHM5zAKNmXf3nyv1ed9IQ&google_cver=1&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv2X2hhdM-hwK2wL4ti7XIdnjqGIPM8I6VA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv2X2hhdM-hwK2wL4ti7XIdnjqGIPM8I6VA&google_hm=Vju0lc6oQ1ewNfoUrDqaxA==

Request Chain 118

https://rtb.openx.net/sync/dds?google_gid=CAESEFE3OD5qv8XYLLpkhqDWS2E&google_cver=1&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxrwV3c1chFJrzty9zFPFEFNsVSU7gVE6nJx4cjG6J3ukvM0xow0Gms9FW3A HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFE3OD5qv8XYLLpkhqDWS2E&google_cver=1&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxrwV3c1chFJrzty9zFPFEFNsVSU7gVE6nJx4cjG6J3ukvM0xow0Gms9FW3A&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxrwV3c1chFJrzty9zFPFEFNsVSU7gVE6nJx4cjG6J3ukvM0xow0Gms9FW3A&google_hm=uNFLiG2fxsUStpwIQ0yJ9A==

Request Chain 119

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFgbdzEDQ9gyZOGaAEtN3NE&google_cver=1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwNbv4UtzIuDE3E1ULp7z5TpQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwNbv4UtzIuDE3E1ULp7z5TpQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672963508437 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ccc080c2-1238-4bfc-9318-c06d4ea10ffe-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwNbv4UtzIuDE3E1ULp7z5TpQ%26google_hm%3DBMzAgMISOEv8kxjAbU6hD_4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwNbv4UtzIuDE3E1ULp7z5TpQ&google_hm=BMzAgMISOEv8kxjAbU6hD_4

Request Chain 120

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEIaJu4RA3BP49E9qlca7GVM&google_cver=1&google_push=AavPq0N5qrkRY2JHwV5GpFA9SouBdZo60fQ_5N4oFDSgPB0q2dsyc0GotB_NM1IQo2rCAWd5QqePennHENKq87K5dj40y1isCKis9NoKk0vt_b0oq7w_z0RoB--vitwgeWBpJwca9ky8gYnAi1JuCr6AR-siSlM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0N5qrkRY2JHwV5GpFA9SouBdZo60fQ_5N4oFDSgPB0q2dsyc0GotB_NM1IQo2rCAWd5QqePennHENKq87K5dj40y1isCKis9NoKk0vt_b0oq7w_z0RoB--vitwgeWBpJwca9ky8gYnAi1JuCr6AR-siSlM&google_hm=QlMuYjM2Ni00YTAxLTQxMTQtOGQ1Yg==

Request Chain 121

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESELZjNZ5kZD7cmqPpRtJ-4vg&google_cver=1&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxqn2yXHjinry5sVz9CvZ8h_y87yL2N1LTyrzSSM6laHCjt_9kQqn7bZ9KTbWJdF8XxP5QTaRUVHWSBSSF4w HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESELZjNZ5kZD7cmqPpRtJ-4vg&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxqn2yXHjinry5sVz9CvZ8h_y87yL2N1LTyrzSSM6laHCjt_9kQqn7bZ9KTbWJdF8XxP5QTaRUVHWSBSSF4w&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxqn2yXHjinry5sVz9CvZ8h_y87yL2N1LTyrzSSM6laHCjt_9kQqn7bZ9KTbWJdF8XxP5QTaRUVHWSBSSF4w&google_hm=WS1nT01pRWxyVTBoVnc5eFAtVVc=

Request Chain 122

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJmoEVGSEK9osRimJXbdcw0&google_cver=1&google_push=AavPq0PF7n_73CLJogLQJ4BvG2ZE2nBAW-S-rSvyXo6KmFUY3CRcdiWvIw7aMABieO1OEYR0CmdrgOHLQLDyMO0zV3izDcrfku7357vkNgI7tkJs7d-qaGdHOLRAW8HLASXqcmtzpJavTlqt2svZKIW-pGRkiB0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJmoEVGSEK9osRimJXbdcw0%26google_cver%3D1%26google_push%3DAavPq0PF7n_73CLJogLQJ4BvG2ZE2nBAW-S-rSvyXo6KmFUY3CRcdiWvIw7aMABieO1OEYR0CmdrgOHLQLDyMO0zV3izDcrfku7357vkNgI7tkJs7d-qaGdHOLRAW8HLASXqcmtzpJavTlqt2svZKIW-pGRkiB0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc1NzY4ODY0NjMwMzkzMTY3NA%3D%3D&google_gid=CAESEJmoEVGSEK9osRimJXbdcw0&google_cver=1&google_push=AavPq0PF7n_73CLJogLQJ4BvG2ZE2nBAW-S-rSvyXo6KmFUY3CRcdiWvIw7aMABieO1OEYR0CmdrgOHLQLDyMO0zV3izDcrfku7357vkNgI7tkJs7d-qaGdHOLRAW8HLASXqcmtzpJavTlqt2svZKIW-pGRkiB0

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 134

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOREL6PDkItLAUFJt4tQQqk&google_cver=1&google_push=AavPq0MGp3oN45xjyHsJma2-oUtB7cUZEbr5nDlEkiKrQ27txUvBZQZRZjCVGmEv4s1RZLVk1vygXm3e4UP9Vc1fprejAHFtFvwXnarZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0MGp3oN45xjyHsJma2-oUtB7cUZEbr5nDlEkiKrQ27txUvBZQZRZjCVGmEv4s1RZLVk1vygXm3e4UP9Vc1fprejAHFtFvwXnarZ

Request Chain 135

https://rtb.openx.net/sync/dds?google_gid=CAESEFE3OD5qv8XYLLpkhqDWS2E&google_cver=1&google_push=AavPq0PZ8g29FPjs85hV2JpnGrCNEimBjLuD9mtn6i5Vj0LIsK3ZdnTBsL36HS0p7Hdqr43B7HJj_A3XsFCac1l4bJWqGb2qneldkIwE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0PZ8g29FPjs85hV2JpnGrCNEimBjLuD9mtn6i5Vj0LIsK3ZdnTBsL36HS0p7Hdqr43B7HJj_A3XsFCac1l4bJWqGb2qneldkIwE&google_hm=uNFLiG2fxsUStpwIQ0yJ9A==

Request Chain 136

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHZcVorll7nETGGUoo2dIsA&google_cver=1&google_push=AavPq0OjSQw586HY5sjd2llRcbtP_Gk-4rKK2Bj4-AWritPGrKm-o4AaIx1xpyE62gfCt9E1AIYAjLfRbhObngLDG1s-jvz4ckK2Ga63 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wjv2dN2tRyBSz5W460d6Yx_Mkac&google_push=AavPq0OjSQw586HY5sjd2llRcbtP_Gk-4rKK2Bj4-AWritPGrKm-o4AaIx1xpyE62gfCt9E1AIYAjLfRbhObngLDG1s-jvz4ckK2Ga63

Request Chain 137

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPgGJ87qcOz7dpLpLon5h7A&google_cver=1&google_push=AavPq0OM-xRPy0jc8I7t-GsG86jruUU5EZ73GuhwmUzJhEUgW_mBhPNAj50sLY-V2sQ9aUi4uVI7Y1bIiGgMqJWY964LRz73_3E7Ujyk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OM-xRPy0jc8I7t-GsG86jruUU5EZ73GuhwmUzJhEUgW_mBhPNAj50sLY-V2sQ9aUi4uVI7Y1bIiGgMqJWY964LRz73_3E7Ujyk

Request Chain 138

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENiNIkF_rVxE_qevhgpsEfs&google_cver=1&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiFlfS_I HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiFlfS_I&google_gid=CAESENiNIkF_rVxE_qevhgpsEfs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjE4NjI2MDAyOTUzNTIzODcxNA%3D%3D&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiFlfS_I

Request Chain 139

https://cs.media.net/cksync?type=g&google_gid=CAESEBCHNMBRnAGgOgd1F-HMAs0&google_cver=1&google_push=AavPq0MaKm7wpM-vUxaqYQeyjSUL3vTbCU18_uLkJQzglJXa2amDn7leIx1RnnWQxMebvmwa4Pl5JCkuO1pRujzVDUkkMNcH0ZOUmQMd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MaKm7wpM-vUxaqYQeyjSUL3vTbCU18_uLkJQzglJXa2amDn7leIx1RnnWQxMebvmwa4Pl5JCkuO1pRujzVDUkkMNcH0ZOUmQMd&gdpr=&gdpr_consent=

Request Chain 140

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPgGJ87qcOz7dpLpLon5h7A&google_cver=1&google_push=AavPq0Pyvt1dw5yS8v20mToA_h7ZM0CKVh7Zrx5ta2Md_AHBPvG3y9OqBLe34Du15dGBsep8c8F7nyxXgfc_EehNvwME0-lkE0V93EeLsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Pyvt1dw5yS8v20mToA_h7ZM0CKVh7Zrx5ta2Md_AHBPvG3y9OqBLe34Du15dGBsep8c8F7nyxXgfc_EehNvwME0-lkE0V93EeLsw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 143

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0OdptqLi7JCkrHeKBGIReX-X6qs_5Ocn7Pwsnw9CapyYGIPUfKgQuGz8EssiS-8oChJnA2Kj8dQN5o0Vg2fCLi9QcYh829L2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0OdptqLi7JCkrHeKBGIReX-X6qs_5Ocn7Pwsnw9CapyYGIPUfKgQuGz8EssiS-8oChJnA2Kj8dQN5o0Vg2fCLi9QcYh829L2A

Request Chain 144

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEN5Ckn-zWtTIrlm5AiEVGgI&google_cver=1&google_push=AavPq0NRrfBm4dCBrE4muzqr78FE9HL19kDkCjotv7-Y6KZHIcjaJwAC7zOrxaKL_DTOcruyEShp_8WRN7oPpvSykXSKNrM14DYFvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NRrfBm4dCBrE4muzqr78FE9HL19kDkCjotv7-Y6KZHIcjaJwAC7zOrxaKL_DTOcruyEShp_8WRN7oPpvSykXSKNrM14DYFvA

Request Chain 145

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEOujc2SUMQsqvBcP695ZJQ0&google_cver=1&google_push=AavPq0NlVNT2bDc-CIxRKlz4CyI6832tDpQdXajHK35_xPoDUHAfW97v3xCldPSiFB-MM2r64aXusZp6Tkgnd2HxIvURUQMPj2gy4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0NlVNT2bDc-CIxRKlz4CyI6832tDpQdXajHK35_xPoDUHAfW97v3xCldPSiFB-MM2r64aXusZp6Tkgnd2HxIvURUQMPj2gy4Q

Request Chain 146

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELGgyyOjUJOQX9ak0xghWvw&google_cver=1&google_push=AavPq0NnPElwd-3X8hvDzM_NeS9UTfUR1Sy7CH2svHS60nLtT1F0mbK47KRN5xbihloYT78AOuKMgooageAUPdOmIOWBuQa3PgysTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NnPElwd-3X8hvDzM_NeS9UTfUR1Sy7CH2svHS60nLtT1F0mbK47KRN5xbihloYT78AOuKMgooageAUPdOmIOWBuQa3PgysTQ&google_hm=AT9XDOsWSEkKjWrGGwBPba0

Request Chain 147

https://cs.media.net/cksync?type=g&google_gid=CAESEBCHNMBRnAGgOgd1F-HMAs0&google_cver=1&google_push=AavPq0Ncf8MfAHnKIh8pVbAYCEzgKIACV2ygkP7lgf50SiXY57vAmICb1koiFSCju5lLDSr9srfgNUCnQujXYjaHZ8Z97DvUtrNwKoc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0Ncf8MfAHnKIh8pVbAYCEzgKIACV2ygkP7lgf50SiXY57vAmICb1koiFSCju5lLDSr9srfgNUCnQujXYjaHZ8Z97DvUtrNwKoc&gdpr=&gdpr_consent=

Request Chain 149

https://sync.inmobi.com/gob?google_gid=CAESEOGBB2NUwC5wlZKI1l4AqWg&google_cver=1&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-27884FQUXqXxvvhQTtn9Ot5LylDEbIhsMS4a4FpNcQ&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=xTzanJwiBkUj4klFPNjt&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r&google_nid=inmobi_new_eb

158 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
quiz.creditis.com.br/ 18 KB
7 KB 2109ms
1427ms Document
text/html 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5e09685d162984641a7764b2c49250f9c53746eaadeb57acf001ddb4ccd709

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7850332a89688087-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 06 Jan 2023 00:05:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYkmbHjkZDiw0xmVU9NofxehYhFl8F5XSudbh2pVYGa1gQxFSiAGgVH%2FsTs8mFnleDJugdllOUkFTTI9Nyk6c%2B9jXEQSgjioHXRaHMs3kAWQ3MYsd8znYPS5fpCLiH8MMwf43aCRhg5ejOBv8gxx1YFMcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0

GET
H2 200 bootstrap.css
quiz.creditis.com.br/assets/css/ 191 KB
24 KB 1211ms
1210ms Stylesheet
text/css 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://quiz.creditis.com.br/assets/css/bootstrap.css?V=8117

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b649b16038518ccf96f9211a479b2d24cd108dd88841e0d5730bae01fd2597

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 05 Jan 2023 19:38:53 GMT
server: cloudflare
etag: W/"63b7274d-2fca8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkZzi6EajLcMkV6K%2Fwp5Vv%2BfVD9Y050htTd8aBZqVoYHrawa8wBDsw6LWR9zbnIAVErnkwy%2B0itHN%2F2THkVFNHamwScYBpbojmg5HGaiiUeWgOxnYTLwWBhhBDGgelg2j9qLVmRAAUR9mcmxq%2F5odh5Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=10368000, public
cf-ray: 785033337fd08087-NRT
expires: Sat, 06 May 2023 00:05:05 GMT

GET
H2 200 quiz.css
quiz.creditis.com.br/assets/css/ 36 KB
6 KB 912ms
912ms Stylesheet
text/css 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://quiz.creditis.com.br/assets/css/quiz.css?V=8117

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dff57589c2fb657b8cf883da2d687ad3a88ccc563935977339af0d47d00f04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 05 Jan 2023 19:38:54 GMT
server: cloudflare
etag: W/"63b7274e-9004"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5KRybv9Sn0IJz0mjo3%2F0SmATuL53exWeKYUaNg8YVs7CGxCJi8UoKNyX%2F%2Bigm2co8j4M2hvI71HnxlAz6%2FEmQsyMFnrkvVFbQbFguAFLhVM0YAbDnbt5mvQYPyFRe1ifS%2B9uropaGMtWLeG%2FUpwrMggmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=10368000, public
cf-ray: 785033337fd28087-NRT
expires: Sat, 06 May 2023 00:05:05 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
quiz.creditis.com.br/assets/js/ 86 KB
31 KB 1228ms
1227ms Script
application/javascript 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://quiz.creditis.com.br/assets/js/jquery-3.4.1.min.js

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4d8633a18c63028f5e0c8e4595f9daef318df1a632656939458a1919c4edb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 05 Jan 2023 19:38:53 GMT
server: cloudflare
etag: W/"63b7274d-1576d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9Ak7nWHPPa2rw5TtRabshnAjFZqwpta09ax66lEgTPJJyIYSemmSZAclMzmVwwLtzMh9uyGCho6rsDNETWhzoR2DKDvhSKIGqCtyHIA3vt2KArfeIqwl6Ga%2BKrZ8mLgukDHetZA7TBwgJASbkv8l16tag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10368000, public
cf-ray: 785033337fd38087-NRT
expires: Sat, 06 May 2023 00:05:05 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 67ms
11ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3452
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7850333b5cf5af87-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 09 Jan 2023 00:05:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 145ms
69ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1284532310232457

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df65c31ee0b25aca84707561d35885c784d9f3b4d30ebad22490e258af4be909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Origin: https://quiz.creditis.com.br
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49559
x-xss-protection: 0
server: cafe
etag: 17243051604178044694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 00:05:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 93ms
55ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W08JLCY5Z7

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0a5ee6fab46dcbcaee7a3b161cf503381a29a82b5dde74aa5c2b57e6d2c3cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 00:05:06 GMT

GET
H3 200 logo-creditis.webp
quiz.creditis.com.br/img/ 3 KB
3 KB 913ms
912ms Image
image/webp 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quiz.creditis.com.br/img/logo-creditis.webp

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074b3ffd900311a94251a76cef525d0ca36209b28fb2d71f01f6fc51be77249b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:07 GMT
strict-transport-security: max-age=0
cf-cache-status: BYPASS
last-modified: Fri, 02 Dec 2022 16:27:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "638a278c-af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ei7%2B7Snv7BHHI9YopivRx1DYZtUMRbMYX8Xs%2FJrh%2BNGIdy8rjuA5dGoxgx7DV%2BnA3A%2FBn9ET%2FYii9unhF%2FVOm9TYu0jr%2B4EWU5tGIDWXECEhqryjo%2BdC3gDngtH5F4j85fFb2SP2kQjgN9Z41542kbcxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7850333b3893261b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2804

GET
H3 200 selo-ssl-1.webp
quiz.creditis.com.br/assets/img/ 4 KB
5 KB 310ms
309ms Image
image/webp 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quiz.creditis.com.br/assets/img/selo-ssl-1.webp

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946e7993dee282b436df4cd16d37f9aee299549b093c60ffdb26340db59eb13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
strict-transport-security: max-age=0
cf-cache-status: BYPASS
last-modified: Thu, 05 Jan 2023 19:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63b7274d-1148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUeCci8rHoHpPhPdu0rH4%2BQSrlBfmsOJV%2BdScsnDTtsqjbs02l3WGZvj4r4qkt1fA6FGqIrUUdo75X%2Ba1Z99NJKUFJYqlg1x3Ig2lZNOqijE3g2nZRDv342M0DkX6DLSzkY%2BH2H7nAACfmqiFeqwmsEnSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7850333b3895261b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4424

GET
H3 200 google.webp
quiz.creditis.com.br/assets/img/ 4 KB
5 KB 890ms
890ms Image
image/webp 2606:4700:3030::ac43:c174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quiz.creditis.com.br/assets/img/google.webp

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc1edb3b9def68f8e5831269bc9bbfcb0649b62cab26035c179beafc4ddc892

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:07 GMT
strict-transport-security: max-age=0
cf-cache-status: BYPASS
last-modified: Thu, 05 Jan 2023 19:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63b7274d-113c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY1XgOumQkstcPvNXba%2F3jryFFeo2HMD7x3fcBRFT493wT%2FV9ZwgQ38RJGEPWmYH1khefLb%2BSzB5iRJ86cEzpkE4%2B8O813Jw99lVYKLbCPEwlbmf9yQXEhM4WuhKFKybNXpgdIQdB1hwryDd5HibPpCrKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7850333b3896261b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4412

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 17ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3447
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7850333b7be2e05a-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 09 Jan 2023 00:05:06 GMT

GET
H2 400 web
onesignal.com/api/v1/sync/52f5c061-d4a9-40e2-a851-dceff3140026/ 0
0 250ms
244ms Script
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/api/v1/sync/52f5c061-d4a9-40e2-a851-dceff3140026/web?callback=__jp0
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 83ms
44ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-206121558-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W08JLCY5Z7

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fe23b1baf6aa708da115d0d8a9d2e672e0c280112623336cfc2b8aebc558293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 00:05:06 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
350 B 75ms
36ms Ping
text/plain 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W08JLCY5Z7&gtm=2oe120&_p=318244986&cid=1995572288.1672963507&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672963506&sct=1&seg=0&dl=https%3A%2F%2Fquiz.creditis.com.br%2F&dt=Encontre%20Seu%20Cart%C3%A3o%20de%20Cr%C3%A9dito&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W08JLCY5Z7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quiz.creditis.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
69 KB 92ms
62ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10955033137&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W08JLCY5Z7

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9e6fa35c8675ec9a5773fed40011d1a274cc472a517e3c4c0c39338b9cf9704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Jan 2023 00:05:06 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 138ms
102ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1284532310232457

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b126661cbf5813261bbe1248ff4842b95a5ccb747cb8f1ce59ae50bf1ece279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119958
x-xss-protection: 0
server: cafe
etag: 17606954834845447544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 00:05:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 1079 10 KB
5 KB 40ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1284532310232457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 21:38:54 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 21:38:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
2ms Script
text/javascript 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206121558-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 22:40:08 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5098
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 06 Jan 2023 00:40:08 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955033137/ 2 KB
923 B 86ms
46ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10955033137/?random=1672963506759&cv=11&fst=1672963506759&bg=ffffff&guid=ON&async=1&gtm=2oa120&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fquiz.creditis.com.br%2F&tiba=Encontre%20Seu%20Cart%C3%A3o%20de%20Cr%C3%A9dito&auid=963470257.1672963507&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10955033137&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e1229f98892b66dbc5471f497ac806a22acaea64a33e9ec7067c49e621ba143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 898
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
35ms XHR
text/plain 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318244986&t=pageview&_s=1&dl=https%3A%2F%2Fquiz.creditis.com.br%2F&ul=en-us&de=UTF-8&dt=Encontre%20Seu%20Cart%C3%A3o%20de%20Cr%C3%A9dito&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=85539703&gjid=1778712272&cid=1995572288.1672963507&tid=UA-206121558-2&_gid=193638200.1672963507&_r=1&gtm=2ou120&z=874619446

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://quiz.creditis.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quiz.creditis.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
448 B 151ms
51ms XHR
text/plain 2404:6800:4008:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-206121558-2&cid=1995572288.1672963507&jid=85539703&gjid=1778712272&_gid=193638200.1672963507&_u=YADAAUAAAAAAACAAI~&z=1662657047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://quiz.creditis.com.br/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Jan 2023 00:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quiz.creditis.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
698 B 82ms
41ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=quiz.creditis.com.br&callback=_gfp_s_&client=ca-pub-1284532310232457&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da3efb4b653b11894a8c7fc24460096f39e9e230aafd1a55bd3e491e3e3401c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 80ms
38ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=quiz.creditis.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
39ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=quiz.creditis.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD05 340 KB
88 KB 838ms
837ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&adk=293675617&adf=814277786&lmt=1672963506&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fquiz.creditis.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963506625&bpp=4&bdt=1436&idt=234&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1997113556880&frm=20&pv=2&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ecf51c046a82b05546f5d75f06e1ee4af1e33d3455631dddd84870b393c9e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 90204
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:07 GMT
expires: Fri, 06 Jan 2023 00:05:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4973 436 B
234 B 179ms
179ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&slotname=2057537106&adk=3783351431&adf=2870813758&pi=t.ma~as.2057537106&w=1200&fwrn=4&fwrnh=100&lmt=1672963506&rafmt=1&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963506629&bpp=2&bdt=1440&idt=251&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&alvm=r20230103&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8QBuIrQ7IY&p=https%3A//quiz.creditis.com.br&dtd=255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df2190cd412cb2675373fe986d0b8656ada79449c75ff64473fa773033ca80b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:07 GMT
expires: Fri, 06 Jan 2023 00:05:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10955033137/ 42 B
548 B 80ms
40ms Image
image/gif 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10955033137/?random=1672963506759&cv=11&fst=1672963200000&bg=ffffff&guid=ON&async=1&gtm=2oa120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fquiz.creditis.com.br%2F&tiba=Encontre%20Seu%20Cart%C3%A3o%20de%20Cr%C3%A9dito&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=727849361&rmt_tld=0&ipr=y

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/10955033137/ 42 B
548 B 80ms
43ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/10955033137/?random=1672963506759&cv=11&fst=1672963200000&bg=ffffff&guid=ON&async=1&gtm=2oa120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fquiz.creditis.com.br%2F&tiba=Encontre%20Seu%20Cart%C3%A3o%20de%20Cr%C3%A9dito&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=727849361&rmt_tld=1&ipr=y

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 43ms
41ms Image
image/gif 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-206121558-2&cid=1995572288.1672963507&jid=85539703&_u=YADAAUAAAAAAACAAI~&z=476402794

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 78ms
39ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-206121558-2&cid=1995572288.1672963507&jid=85539703&_u=YADAAUAAAAAAACAAI~&z=476402794

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 50ms
50ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3695eaa207ee12edf04cc20b26a5dfd9d64bd1d16ca288a4184a9a6b4e8816a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 10718651757750085823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 00:05:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 79ms
40ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=quiz.creditis.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 80ms
42ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=quiz.creditis.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15A9 104 KB
35 KB 268ms
267ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=252081522&adf=2792719854&pi=t.aa~a.526341454~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672963507&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3830565116&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507782&bpp=1&bdt=2593&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5eXJKIw8uk&p=https%3A//quiz.creditis.com.br&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a748ed7c8f7ae824a34325b79c2270ea342902a32d7f6ebcadff805eab3139d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36160
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD3F 104 KB
35 KB 258ms
257ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=3036045525&adf=3964850271&pi=t.aa~a.3559513600~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DN0oeyvwxO&p=https%3A//quiz.creditis.com.br&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9c7c16187a035c3db67c709f563f0ef3be9d797b7c7ec74d91367a6c37e45fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6903 137 KB
45 KB 217ms
216ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca1b20a3a02b8a9a5728c546e2a4f5d0d5b667eb719b11c4f55affa1d4c51e07

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIux7tzSsfwCFZFPDwIdGDQLTg&gqi=s2W3Y_ChM5ak2wTX_q3YCA&layout=/sadbundle/%24csp%253Der3%24/18216231906100725975/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 45811
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIux7tzSsfwCFZFPDwIdGDQLTg&gqi=s2W3Y_ChM5ak2wTX_q3YCA&layout=/sadbundle/%24csp%253Der3%24/18216231906100725975/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame C4CA 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 59324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:36:23 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 07:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame CE46 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 59324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:36:23 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 07:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C4CA 4 KB
1 KB 78ms
40ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 00:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 23:30:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 00:05:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C4CA 205 B
743 B 41ms
2ms Image
image/png 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 02:49:07 GMT
x-content-type-options: nosniff
age: 422160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jan 2024 02:49:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C4CA 604 B
696 B 42ms
3ms Image
image/png 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:47:14 GMT
x-content-type-options: nosniff
age: 263873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Jan 2024 22:47:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame C4CA 19 KB
8 KB 48ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8195
x-xss-protection: 0
server: cafe
etag: 298254208257092395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:56:54 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/ Frame A009 2 KB
3 KB 31ms
3ms Document
text/html 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26c26c00410752e553c9dc6365ae86b9a0902dae025afc5a917bc6c2b9d618e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 859
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:16:01 GMT
expires: Fri, 05 Jan 2024 17:16:01 GMT
last-modified: Wed, 16 Mar 2022 09:34:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27446558.331480228;dc_pre=CL_Q9NzSsfwCFSlADwIdBbcPCg;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame CE46
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CL_Q9NzSsfwCFSlADwIdBbcPCg;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag...

42 B
63 B

95ms
56ms

Fetch
image/gif

172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CL_Q9NzSsfwCFSlADwIdBbcPCg;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CL_Q9NzSsfwCFSlADwIdBbcPCg;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=3741834588;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE46 0
0 50ms
50ms Fetch
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C69O6smW3Y9zNN6afvcAPs5KN2AvZ3vX9bdT1n9eMENvZHhABIO30lWpgifPFhPQToAH0uL_FA8gBCagDAcgDSKoE0gFP0JM2nW8o9GHbxdF7-zia3fsMyaIjKhG112LVU51AtD_2uqEK3GXyKI65xTj7i6Ea5eKSY2LDZXtzOMUYuzMCQpSfwNE8g68oNmSqu9wwO4_zEfFw6p320EqN_MuZ5Sus5Mqr20Yv3v2A6-sxKcodjT8V5XkRjI96e1fRop44g31Px03Fvs7Q_zzRBs0c-HVZ2AbHW40pvzXz4FwvxIKJ9EAMxlnHCXnCP-YJDR5gYOSeRliTPF_qGnxyQZJPb8e_UXXUcaOBNutQgzGg7hNssa3ABLXYtZLvA5IFBAgEGAGSBQQIBRgEoAYugAeZ57KuAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPzCBNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMjg0NTMyMzEwMjMyNDU3GAA&sigh=OlwLkr-k3Gk&uach_m=[UACH]&cid=CAQSKQDq26N9CJhMsx-XEGOPYwgu8xioZUMtWyXcRqmuZK5UtIUMBByu_2GXGAEgEw&template_id=419

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Jan 2023 00:05:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame CE46 24 KB
9 KB 30ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A009 6 KB
3 KB 48ms
7ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 10:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Jan 2023 10:06:05 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A009 34 KB
13 KB 47ms
8ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Jan 2023 08:27:50 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/ Frame A009 147 KB
41 KB 46ms
6ms Script
application/x-javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 23:50:30 GMT
age: 877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41971
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 09:34:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 23:50:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 55F4 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:01:04 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CE46 3 KB
1 KB 41ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 799B 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 21:51:20 GMT
etag: 48472445140208031
expires: Fri, 06 Jan 2023 21:51:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CE46 18 KB
7 KB 39ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0NytxKW7Ky6puKBT0e7XRvoCHsoqkRDmnh0Yeg6H1D...

170 B
188 B

45ms
45ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0NytxKW7Ky6puKBT0e7XRvoCHsoqkRDmnh0Yeg6H1DFGHLlDn1hoqL5CYdlss3ZQrfzdFEumVcfVCfW-rgm1CsV1C_8k9_5XCk

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:08 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0eefe15c9b8b9941b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0NytxKW7Ky6puKBT0e7XRvoCHsoqkRDmnh0Yeg6H1DFGHLlDn1hoqL5CYdlss3ZQrfzdFEumVcfVCfW-rgm1CsV1C_8k9_5XCk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEPcZ5bua1bl50iSIMEOZIa8&google_cver=1&google_push=AavPq0PId32PhBzqh54vKEPXU8RS_b-SuAWB7vE-HrLQQyN0YqPkZ4X0OoxRExYaxYYFnvNaj7fyL...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0PId32PhBzqh54vKEPXU8RS_b-SuAWB7vE-HrLQQyN0YqPkZ4X0OoxRExYaxYYFnvNaj7fyLwqsSd3VJ_oKR3jx3uRSLfGzfmIK&google_hm=X0lJeUNIQjJCVzB...

170 B
232 B

61ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0PId32PhBzqh54vKEPXU8RS_b-SuAWB7vE-HrLQQyN0YqPkZ4X0OoxRExYaxYYFnvNaj7fyLwqsSd3VJ_oKR3jx3uRSLfGzfmIK&google_hm=X0lJeUNIQjJCVzBGQTVYVWhxRmVLdEVsOEhj&from_google=sp1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:07 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0PId32PhBzqh54vKEPXU8RS_b-SuAWB7vE-HrLQQyN0YqPkZ4X0OoxRExYaxYYFnvNaj7fyLwqsSd3VJ_oKR3jx3uRSLfGzfmIK&google_hm=X0lJeUNIQjJCVzBGQTVYVWhxRmVLdEVsOEhj&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECSyzKavUHKhm6H4ijg1N4Y&google_cver=1&google_push=AavPq0MOlTDLZKNgb5t-7f8VU79rkpO-mjhN_DP5-nDJL2KKUo0hDchCcW-sHFGLg0KvZ_EoCYCGaI39lUfzLYLllV1IXW4Xs_tP9vqQ
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0MOlTDLZKNgb5t-7f8VU79rkpO-mjhN_DP5-nDJL2KKUo0hDchCcW-sHFGLg0KvZ_EoCYCGaI39lUfzLYLllV1IXW4Xs_tP9vqQ&google_hm=NTJKMDU3MDE0QkRHYTA...

170 B
329 B

54ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0MOlTDLZKNgb5t-7f8VU79rkpO-mjhN_DP5-nDJL2KKUo0hDchCcW-sHFGLg0KvZ_EoCYCGaI39lUfzLYLllV1IXW4Xs_tP9vqQ&google_hm=NTJKMDU3MDE0QkRHYTAwN0YyOU8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Fri, 06 Jan 2023 00:05:07 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0MOlTDLZKNgb5t-7f8VU79rkpO-mjhN_DP5-nDJL2KKUo0hDchCcW-sHFGLg0KvZ_EoCYCGaI39lUfzLYLllV1IXW4Xs_tP9vqQ&google_hm=NTJKMDU3MDE0QkRHYTAwN0YyOU8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECcm3Qt8WiPL-Nrq38gDKPc&google_cver=1&google_push=AavPq0M8qn86jMVaTgZLT0mFRo7G2ZbCASh0kdtX5CfkdqJxXZY2j459nCJRn9oAX8tBYxFw38nr24nSY2Fb50D_SgeXlQ6...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M8qn86jMVaTgZLT0mFRo7G2ZbCASh0kdtX5CfkdqJxXZY2j459nCJRn9oAX8tBYxFw38nr24nSY2Fb50D_SgeXlQ6SLieBw-Rl&google_hm=eS1NazJWRFJ4RTJwSG...

170 B
188 B

86ms
45ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M8qn86jMVaTgZLT0mFRo7G2ZbCASh0kdtX5CfkdqJxXZY2j459nCJRn9oAX8tBYxFw38nr24nSY2Fb50D_SgeXlQ6SLieBw-Rl&google_hm=eS1NazJWRFJ4RTJwSGtObzVVdTE2Nkw4Qk9oVHpTclRWRH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Jan 2023 00:05:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M8qn86jMVaTgZLT0mFRo7G2ZbCASh0kdtX5CfkdqJxXZY2j459nCJRn9oAX8tBYxFw38nr24nSY2Fb50D_SgeXlQ6SLieBw-Rl&google_hm=eS1NazJWRFJ4RTJwSGtObzVVdTE2Nkw4Qk9oVHpTclRWRH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEOujc2SUMQsqvBcP695ZJQ0&google_cver=1&google_push=AavPq0OhKDGifdyPYXxXTSNsv1e_nPOZsaga1sa6TDLgeZjoKj7B92vrvaHppGiU294UK-z0jeTH-r7f_js0a6X...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0OhKDGifdyPYXxXTSNsv1e_nPOZsaga1sa6TDLgeZjoKj7B92vrvaHppGiU294UK-z0jeTH-r7f_js0a6XHdZI82J...

170 B
232 B

41ms
41ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0OhKDGifdyPYXxXTSNsv1e_nPOZsaga1sa6TDLgeZjoKj7B92vrvaHppGiU294UK-z0jeTH-r7f_js0a6XHdZI82JXrcu9OJd1F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0OhKDGifdyPYXxXTSNsv1e_nPOZsaga1sa6TDLgeZjoKj7B92vrvaHppGiU294UK-z0jeTH-r7f_js0a6XHdZI82JXrcu9OJd1F
Date: Fri, 06 Jan 2023 00:05:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOREL6PDkItLAUFJt4tQQqk&google_cver=1&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVKbR...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOREL6PDkItLAUFJt4tQQqk&google_cver=1&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVK...

170 B
188 B

42ms
41ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVKbRyYXrYBkp80ETPUU3vmGlDpW3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0PHCw-WXXRbfsWQ5FBEigNntsk9SIioQGboF_N4erSV_0VuAuM9E50_BI0_fLvSVLsKigZrVKbRyYXrYBkp80ETPUU3vmGlDpW3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 799B
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELGgyyOjUJOQX9ak0xghWvw&google_cver=1&google_push=AavPq0NuRZi3ktG56e5ntUMrAchzm90cIbQRfIuWK3vxTFnFCOJB4_BpUrJZKPtZ-F1IfJFUG44EXJG3aoCofgkWr...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NuRZi3ktG56e5ntUMrAchzm90cIbQRfIuWK3vxTFnFCOJB4_BpUrJZKPtZ-F1IfJFUG44EXJG3aoCofgkWr4UGMo9WHTwC073C&google_hm=AT9XDOsWSEkKjWrG...

170 B
232 B

61ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NuRZi3ktG56e5ntUMrAchzm90cIbQRfIuWK3vxTFnFCOJB4_BpUrJZKPtZ-F1IfJFUG44EXJG3aoCofgkWr4UGMo9WHTwC073C&google_hm=AT9XDOsWSEkKjWrGGwBPba0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NuRZi3ktG56e5ntUMrAchzm90cIbQRfIuWK3vxTFnFCOJB4_BpUrJZKPtZ-F1IfJFUG44EXJG3aoCofgkWr4UGMo9WHTwC073C&google_hm=AT9XDOsWSEkKjWrGGwBPba0
Date: Fri, 06 Jan 2023 00:05:07 GMT
Server: Apache
Connection: keep-alive
Content-Length: 235
Content-Type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 799B 0
232 B 82ms
40ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSRWcAgWdBR47oFRz8qRqhJaxzNsd3DnXPG3exqESiLEx5w2V0AVp5UThaa_9m_XlA5b8O

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 55F4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
62ms

Document
text/html

2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
expires: Fri, 06 Jan 2023 00:05:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame 090F 9 KB
4 KB 39ms
4ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 07:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 07:48:30 GMT

GET
H3 200 4e46e960a481e78ab29c4839888eb128.js Show response
www.gstatic.com/mysidia/ Frame 090F 149 KB
56 KB 40ms
5ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4e46e960a481e78ab29c4839888eb128.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81d4292a30deadddd393e2bc8c8f14f09f6c9a8c5816accf0a3dab9447d1db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56878
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 16:49:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 090F 4 KB
816 B 78ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 23:17:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 090F 2 KB
765 B 6ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 090F 24 KB
9 KB 6ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 090F 3 KB
1 KB 7ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 090F 18 KB
7 KB 8ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 090F 0
0 60ms
36ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQBJ23gQvULCYJm1QsBYsuYUmC2jxepMw3xoeLXVqPYJflNlkpz-lrVJH8rIKb3hatEl_y40cxlRyRiu55pq21teM11A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 090F 154 KB
47 KB 207ms
162ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 090F 34 KB
14 KB 35ms
3ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 14:00:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CE46 0
0 48ms
38ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXe7abHOLaQwsFOMIypJiGhZ3nQxtXimXOqsfvRWKhsYr9zLMhlhps54sGeQLgwBBP2gsVnkX_GRYw1WMyzHN9CNH_jA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE46 154 KB
48 KB 149ms
119ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
DATA 200
OK truncated
/ Frame CE46 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b35116e018ecca384753bd71d0c9237ee84ad6fdb9cbbeed214913d1ec40132

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/ Frame A009 69 KB
14 KB 42ms
4ms XHR
application/json 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b988909053ac71ff9e337664d9c413357f6c94ca4061fed5e4381409c04be1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 07:01:23 GMT
age: 147825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13958
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 09:34:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 07:01:23 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame A009 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:37:23 GMT

GET
DATA 200
OK truncated
/ Frame A009 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b3d7ecc82076f456e17e5cf2b5c5851c0a3c33b17217d137be0bca580654349

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 204 csi
csi.gstatic.com/ Frame 090F 0
327 B 786ms
257ms Ping
image/gif 2a00:1450:4006:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lcjra0e0&c=4106406367476&slotId=2053203183738&qqid=CNnutNzSsfwCFaZPDwIdM0kDuw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4e46e960a481e78ab29c4839888eb128.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:813::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 090F 0
20 B 39ms
38ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?zx=1045tdv81uuk&st=lima

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D8EA 1 KB
643 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 21:51:20 GMT
etag: 48472445140208031
expires: Fri, 06 Jan 2023 21:51:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/ Frame B9D3 2 KB
889 B 4ms
3ms Document
text/html 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26c26c00410752e553c9dc6365ae86b9a0902dae025afc5a917bc6c2b9d618e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 859
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:16:01 GMT
expires: Fri, 05 Jan 2024 17:16:01 GMT
last-modified: Wed, 16 Mar 2022 09:34:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27446558.331480228;dc_pre=CI_GgN3SsfwCFThVDwId_20OJA;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame CEE3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CI_GgN3SsfwCFThVDwId_20OJA;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag...

42 B
63 B

54ms
54ms

Fetch
image/gif

172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CI_GgN3SsfwCFThVDwId_20OJA;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9

Protocol

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27446558.331480228;dc_pre=CI_GgN3SsfwCFThVDwId_20OJA;dc_trk_aid=523338654;dc_trk_cid=168505845;ord=1373447304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CEE3 0
0 51ms
51ms Fetch
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGmxHs2W3Y8uLNJGfvcAPmOis8ATZ3vX9bdT1n9eMENvZHhABIO30lWpgifPFhPQToAH0uL_FA8gBCagDAcgDSKoE0QFP0Fw_v3hbECIVQsBTjZoVR6PHIBXcA49hImvPg8-YShIZq0og6a522Rs-cvXq3V04L4WwP1hSYevwBly1qkFSecZmIcr9i5-S-OX2l6WwH4ZDAOZmFJzYTjU41DG2Ez2eWBRDJ4DJffEHlOG-d-_Pb4Sg3dTwGy-55eiPAJM02KM7bnffTa5QqmQukIC340MEIPdYsxKMVlqLUPwZZgBFtFq6Zq0W0g5Z9NNx0YZI5s1di6rWqaGf1N-gRS108pDbOpHGjl8t3OJhD1Lntx-w-MAEtdi1ku8DkgUECAQYAZIFBAgFGASgBi6AB5nnsq4BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQic4B0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTEyODQ1MzIzMTAyMzI0NTcYAA&sigh=zpuukR6rjQU&uach_m=[UACH]&cid=CAQSPADq26N9oGqGIEhX_cGUOVTqW3xBHAYDFnfdIz4NIwU-HpvV2_CWbxxSqKjBC_Qm9bwhhHpflxgCiljkMxgBIBM&template_id=419

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame CEE3 24 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CEE3 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CEE3 18 KB
7 KB 5ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CEE3 0
0 40ms
38ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3l90-O3-LSdo4cWbSJ42NGF_UbeR7j_z_VJbHUhZ4EOjyBDES32FKIjEetdwwWF24CDXXRxHXr9FyndTH97O6p2YR8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEE3 154 KB
47 KB 47ms
42ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 15A9 8 KB
895 B 41ms
41ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=252081522&adf=2792719854&pi=t.aa~a.526341454~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672963507&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3830565116&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507782&bpp=1&bdt=2593&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5eXJKIw8uk&p=https%3A//quiz.creditis.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 22:18:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 15A9 2 KB
765 B 2ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 15A9 24 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 15A9 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 15A9 18 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 15A9 0
0 39ms
38ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrklpn0ZCBQNicRWHPxF0CuBB6UR_UoCGPPEFCNpk4jv5E2uiQwFyBsigPl_SLbmuDSuWFGwflu7hU_h2F2DGdHGpi2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=252081522&adf=2792719854&pi=t.aa~a.526341454~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672963507&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3830565116&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507782&bpp=1&bdt=2593&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5eXJKIw8uk&p=https%3A//quiz.creditis.com.br&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15A9 154 KB
47 KB 139ms
138ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 15A9 34 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 14:00:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FD3F 8 KB
895 B 38ms
37ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=3036045525&adf=3964850271&pi=t.aa~a.3559513600~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DN0oeyvwxO&p=https%3A//quiz.creditis.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 22:34:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FD3F 2 KB
765 B 3ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame FD3F 24 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FD3F 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FD3F 18 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:17:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD3F 154 KB
47 KB 74ms
74ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame FD3F 34 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 14:00:17 GMT

GET
H3

206

videoplayback
r2---sn-oguelnzs.gvt1.com/ Frame 090F
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=d5ce2b4e00d4c57f&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1672970707&sparams=ip,ipbits,expire,id,...
https://r2---sn-oguelnzs.gvt1.com/videoplayback?id=d5ce2b4e00d4c57f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1672970707&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

90ms
2ms

Media
video/mp4

2404:6800:4004:2b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-oguelnzs.gvt1.com/videoplayback?id=d5ce2b4e00d4c57f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1672970707&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4253B4179BF76570496EEFD1EFD91A06214DE72B.65768A58B32EB76925DD4E681FC958279BF93837&key=cms1&cms_redirect=yes&mh=VV&mip=2a00:1633:128:4::4&mm=28&mn=sn-oguelnzs&ms=nvh&mt=1672962013&mv=u&mvi=2&pl=32

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2404:6800:4004:2b::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

140b316a2d3056c65d92e7867c3fc4326c82f94cbc5986896a14ceae321893d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 01:31:43 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1292392/1292393
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1292393
expires: Fri, 06 Jan 2023 00:05:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-oguelnzs.gvt1.com/videoplayback?id=d5ce2b4e00d4c57f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1672970707&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4253B4179BF76570496EEFD1EFD91A06214DE72B.65768A58B32EB76925DD4E681FC958279BF93837&key=cms1&cms_redirect=yes&mh=VV&mip=2a00:1633:128:4::4&mm=28&mn=sn-oguelnzs&ms=nvh&mt=1672962013&mv=u&mvi=2&pl=32
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 705
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B9D3 6 KB
3 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 10:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Jan 2023 10:06:05 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B9D3 34 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Jan 2023 08:27:50 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/ Frame B9D3 147 KB
41 KB 4ms
3ms Script
application/x-javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 23:50:30 GMT
age: 878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41971
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 09:34:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 23:50:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15A9 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CD9cMs2W3Y8SiMuyzvcAP68q0uA_zlfCHa73ipK-ECuTg6-eVDBABIO30lWpgifPFhPQToAGau_mZA8gBCakCD1Zx1V0eQD6oAwHIA8sEqgTSAU_QYw40HeYhVSs48uyLtBWDqs-QmGDQnt2mjePfHx7tiihTRghWzdmpho9wFeao3U30tO9tnpe1-myAGeUiPij39q8DZ8dN3fkkTW5KckISxPhR04-FolT7KXu8lkLmdf8pPksUuJRwa3XwDHkWeioLe5ujimBJrflpTRX03vx6vveCczvYDh-mYNBK8sViJSNRt5f9p83FfCj9AVevwdJdDo2HyTz6AxDGVp3CifYKBGPu6VrHF_QMY8K1fZ2pY2wVz7JGdt0fgWb8RkBRQXwS9MAEtcSZ9IkBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB87EhmaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD8qALSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFAnQFQGYFgGAFwGyFxwKGggAEhRwdWItMTI4NDUzMjMxMDIzMjQ1NxgA&sigh=KBuBv0c33xs&uach_m=[UACH]&cid=CAQSPADq26N9OofMXnO5lDas3BotBvDRZodzY3J-AV-n5uSgkYt7t01J9IeHp0-r-dDXMjnLVPyEldSbQNxsdxgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=252081522&adf=2792719854&pi=t.aa~a.526341454~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672963507&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3830565116&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507782&bpp=1&bdt=2593&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5eXJKIw8uk&p=https%3A//quiz.creditis.com.br&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FD3F 0
0 48ms
47ms Fetch
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-m90s2W3Y_aFNIunvcAPkc2bsATzlfCHa73ipK-ECuTg6-eVDBABIO30lWpgifPFhPQToAGau_mZA8gBCakCD1Zx1V0eQD6oAwHIA8sEqgTSAU_QV57RvUPP6wnol3rljD44jdY7r2pKxdWLLSmOhEw8HbfNHmFZ3R6VGFxTwVhMAFoXu9BbPl5f50yx_RhciKdRtofRa1_HffVjObfPYyGgHZk0V4HZs5C_OEW73keRvBuJwqt93uajcunRTNVW3u6G7csXrZuSYte_5yyry86PlvpNH-cVmMsfm_xzzGXUNX2h78089ZIf6IQWuIVMSArbh93F1GAU8kN75heAZrmq2IRXc9RRtHt8_ic8fDCnO-fR4KWVBgdL5VZaSgIQZxSLLsAEtcSZ9IkBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB87EhmaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDobdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDYgUCdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjg0NTMyMzEwMjMyNDU3GAA&sigh=dUSV42vqyTQ&uach_m=[UACH]&cid=CAQSPADq26N9LzTNRXGrNdmZgf6kbcRSFx34MsoQZzMb5SR5W84QBGEl_q9iDBX1EDZWzsQMBX9b8cQviTN_DhgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=3036045525&adf=3964850271&pi=t.aa~a.3559513600~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DN0oeyvwxO&p=https%3A//quiz.creditis.com.br&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7505334689952141375/ Frame 15A9 23 KB
23 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7505334689952141375/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ce4b182612d460e5054e33a69ee5bc55fa922cbadc9aa8d4d8dd3ca5218075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 22:34:49 GMT
x-content-type-options: nosniff
age: 5419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23969
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:42:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 22:34:49 GMT

GET
DATA 200
OK truncated
/ Frame 15A9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 15A9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7505334689952141375/ Frame FD3F 23 KB
23 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7505334689952141375/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ce4b182612d460e5054e33a69ee5bc55fa922cbadc9aa8d4d8dd3ca5218075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 22:34:49 GMT
x-content-type-options: nosniff
age: 5419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23969
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:42:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 22:34:49 GMT

GET
DATA 200
OK truncated
/ Frame FD3F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FD3F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B6E 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:01:04 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D8EA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPl-TA-O4PtQGV5QSmeQ92s&google_cver=1&google_push=AavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPl-TA-O4PtQGV5QSmeQ92s&google_cver=1&google_push=AavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du...

43 B
420 B

125ms
118ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPl-TA-O4PtQGV5QSmeQ92s&google_cver=1&google_push=AavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78503347cd122091-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 212
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPl-TA-O4PtQGV5QSmeQ92s&google_cver=1&google_push=AavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M0C_Y5GvIxQhlneaa3Un-36gXNAUSZNAnX-yapzbseCooIptSaAyOXE71IdsmOCbcx7mXhSjU9p6fT6SzmWfLCGQNA5Du49VASIGh6c-HxBah9YVEzdDf_Xwxl47pnlvzauW55-7do1P7mjvgaTz4LYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78503346bc652091-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8EA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEHnHM5zAKNmXf3nyv1ed9IQ&google_cver=1&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEHnHM5zAKNmXf3nyv1ed9IQ&google_cver=1&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv...

170 B
188 B

40ms
40ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv2X2hhdM-hwK2wL4ti7XIdnjqGIPM8I6VA&google_hm=Vju0lc6oQ1ewNfoUrDqaxA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv2X2hhdM-hwK2wL4ti7XIdnjqGIPM8I6VA&google_hm=Vju0lc6oQ1ewNfoUrDqaxA==
Date: Fri, 06 Jan 2023 00:05:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8EA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFE3OD5qv8XYLLpkhqDWS2E&google_cver=1&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxr...
https://rtb.openx.net/sync/dds?google_gid=CAESEFE3OD5qv8XYLLpkhqDWS2E&google_cver=1&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxr...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxrwV3c1chFJrzty9zFPFEFNsVSU7gVE6nJx...

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxrwV3c1chFJrzty9zFPFEFNsVSU7gVE6nJx4cjG6J3ukvM0xow0Gms9FW3A&google_hm=uNFLiG2fxsUStpwIQ0yJ9A==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:07 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0O_698qICdeP5Fo3PqSJcteMQOo0u_GytBBnyAAhQBzstGiiUPnnm7rcVevB1drOV8wJvpxcLyswT3QH1AmD9XFO5zKBxFxrwV3c1chFJrzty9zFPFEFNsVSU7gVE6nJx4cjG6J3ukvM0xow0Gms9FW3A&google_hm=uNFLiG2fxsUStpwIQ0yJ9A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: bemp441q31pj04llbuk0mcpensnbl1tg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8EA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4Wwqdgh...
https://sync.targeting.unrulymedia.com/csync/RX-ccc080c2-1238-4bfc-9318-c06d4ea10ffe-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NLCnv65SF9H-gjueA2F...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwN...

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwNbv4UtzIuDE3E1ULp7z5TpQ&google_hm=BMzAgMISOEv8kxjAbU6hD_4

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NLCnv65SF9H-gjueA2F4LLuUUL5czbQTiv2vDCOMXiKLLJba_Hpew2V00-1pq4DCBDEOfgkitzHSTGZZy2Ku9yfgSmtmi5Gssgvme_eC4R1GLxJhHDKWRc4WwqdghOoPwNbv4UtzIuDE3E1ULp7z5TpQ&google_hm=BMzAgMISOEv8kxjAbU6hD_4
date: Fri, 06 Jan 2023 00:05:08 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXccc080c212384bfc9318c06d4ea10ffe004
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8EA
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEIaJu4RA3BP49E9qlca7GVM&google_cver=1&google_push=AavPq0N5qrkRY2JHwV5GpFA9SouBdZo60fQ_5N4oFDSgPB0q2dsyc0Got...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0N5qrkRY2JHwV5GpFA9SouBdZo60fQ_5N4oFDSgPB0q2dsyc0GotB_NM1IQo2rCAWd5QqePennHENKq87K5dj40y1isCKis9NoKk0vt_b0oq7w_z0RoB--vitwge...

170 B
188 B

37ms
37ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0N5qrkRY2JHwV5GpFA9SouBdZo60fQ_5N4oFDSgPB0q2dsyc0GotB_NM1IQo2rCAWd5QqePennHENKq87K5dj40y1isCKis9NoKk0vt_b0oq7w_z0RoB--vitwgeWBpJwca9ky8gYnAi1JuCr6AR-siSlM&google_hm=QlMuYjM2Ni00YTAxLTQxMTQtOGQ1Yg==

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0N5qrkRY2JHwV5GpFA9SouBdZo60fQ_5N4oFDSgPB0q2dsyc0GotB_NM1IQo2rCAWd5QqePennHENKq87K5dj40y1isCKis9NoKk0vt_b0oq7w_z0RoB--vitwgeWBpJwca9ky8gYnAi1JuCr6AR-siSlM&google_hm=QlMuYjM2Ni00YTAxLTQxMTQtOGQ1Yg==
Date: Fri, 06 Jan 2023 00:05:08 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8EA
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESELZjNZ5kZD7cmqPpRtJ-4vg&google_cver=1&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxq...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESELZjNZ5kZD7cmqPpRtJ-4vg&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxq...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxqn2yXHjinry5sVz9CvZ8h_y87yL2N1LTyrzSSM6laHCjt_9kQqn...

170 B
188 B

43ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxqn2yXHjinry5sVz9CvZ8h_y87yL2N1LTyrzSSM6laHCjt_9kQqn7bZ9KTbWJdF8XxP5QTaRUVHWSBSSF4w&google_hm=WS1nT01pRWxyVTBoVnc5eFAtVVc=

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:08 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0OA83c7prlk-0MqfjWGOFTJHPjQOWO3TBT7VTW1xB7RDUkekwRW_CeT-O2zVbJj1-IABtlxqn2yXHjinry5sVz9CvZ8h_y87yL2N1LTyrzSSM6laHCjt_9kQqn7bZ9KTbWJdF8XxP5QTaRUVHWSBSSF4w&google_hm=WS1nT01pRWxyVTBoVnc5eFAtVVc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 298
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8EA
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJmoEVGSEK9osRimJXbdcw0&google_cver=1&google_push=AavPq0PF7n_73CLJo...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJmoEVGSEK9osRimJXbdcw0%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc1NzY4ODY0NjMwMzkzMTY3NA%3D%3D&google_gid=CAESEJmoEVGSEK9osRimJXbdcw0&google_cver=1&google_push=AavPq0PF7n_73CLJogLQJ4BvG2ZE2nBAW-...

170 B
188 B

44ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc1NzY4ODY0NjMwMzkzMTY3NA%3D%3D&google_gid=CAESEJmoEVGSEK9osRimJXbdcw0&google_cver=1&google_push=AavPq0PF7n_73CLJogLQJ4BvG2ZE2nBAW-S-rSvyXo6KmFUY3CRcdiWvIw7aMABieO1OEYR0CmdrgOHLQLDyMO0zV3izDcrfku7357vkNgI7tkJs7d-qaGdHOLRAW8HLASXqcmtzpJavTlqt2svZKIW-pGRkiB0

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 06 Jan 2023 00:05:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2fa3a5cc-a8ce-41cd-b36f-bc1630128a8d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc1NzY4ODY0NjMwMzkzMTY3NA%3D%3D&google_gid=CAESEJmoEVGSEK9osRimJXbdcw0&google_cver=1&google_push=AavPq0PF7n_73CLJogLQJ4BvG2ZE2nBAW-S-rSvyXo6KmFUY3CRcdiWvIw7aMABieO1OEYR0CmdrgOHLQLDyMO0zV3izDcrfku7357vkNgI7tkJs7d-qaGdHOLRAW8HLASXqcmtzpJavTlqt2svZKIW-pGRkiB0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D8EA 0
12 B 43ms
42ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8TgaUMpV7Iwfxn6fphTCw2KfvO8H4T0sFDhsdP4acAVh0OztUK_DLnQOZACT6CS1gGDUzxzPD

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame CEE3 0
20 B 78ms
42ms Other
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIux7tzSsfwCFZFPDwIdGDQLTg&gqi=s2W3Y_ChM5ak2wTX_q3YCA&layout=/sadbundle/%24csp%253Der3%24/18216231906100725975/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CEE3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89bb4ec5ecf8eec4670a60938ce665112e9ce39f3bc343ec6f9fa64e9a2efabe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/ Frame B9D3 69 KB
14 KB 3ms
2ms XHR
application/json 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b988909053ac71ff9e337664d9c413357f6c94ca4061fed5e4381409c04be1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 07:01:23 GMT
age: 147825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13958
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 09:34:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 07:01:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 847F 1 KB
643 B 4ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 21:51:20 GMT
etag: 48472445140208031
expires: Fri, 06 Jan 2023 21:51:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EA3E 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 21:51:20 GMT
etag: 48472445140208031
expires: Fri, 06 Jan 2023 21:51:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 15A9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29df8c2c7672fcaaea7702bbee460a8666e12f1678b9bc55d150b73a1cfe694

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a6961555fa7fc0662c54f9336963683909d8fa73ac7316c6a309495fbf0bdae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9D3 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b3d7ecc82076f456e17e5cf2b5c5851c0a3c33b17217d137be0bca580654349

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B6E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
55ms

Document
text/html

2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
expires: Fri, 06 Jan 2023 00:05:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame FD3F 28 KB
28 KB 49ms
3ms Font
font/woff2 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:04 GMT
x-content-type-options: nosniff
age: 99004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:35:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOREL6PDkItLAUFJt4tQQqk&google_cver=1&google_push=AavPq0MGp3oN45xjyHsJma2-oUtB7cUZEbr5nDlEkiKrQ27txUvBZQZRZjCVGmEv4s1RZLVk1vygXm3e...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0MGp3oN45xjyHsJma2-oUtB7cUZEbr5nDlEkiKrQ27txUvBZQZRZjCVGmEv4s1RZLVk1vygXm...

170 B
188 B

43ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0MGp3oN45xjyHsJma2-oUtB7cUZEbr5nDlEkiKrQ27txUvBZQZRZjCVGmEv4s1RZLVk1vygXm3e4UP9Vc1fprejAHFtFvwXnarZ

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ1MDMwMDkxMTI4MjgxMDczNg&google_push=AavPq0MGp3oN45xjyHsJma2-oUtB7cUZEbr5nDlEkiKrQ27txUvBZQZRZjCVGmEv4s1RZLVk1vygXm3e4UP9Vc1fprejAHFtFvwXnarZ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFE3OD5qv8XYLLpkhqDWS2E&google_cver=1&google_push=AavPq0PZ8g29FPjs85hV2JpnGrCNEimBjLuD9mtn6i5Vj0LIsK3ZdnTBsL36HS0p7Hdqr43B7HJj_A3XsFCac1l4bJWqGb2qneldkIwE
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0PZ8g29FPjs85hV2JpnGrCNEimBjLuD9mtn6i5Vj0LIsK3ZdnTBsL36HS0p7Hdqr43B7HJj_A3XsFCac1l4bJWqGb2qneldkIwE&google_hm=uNFLiG2fxsUStpwIQ0y...

170 B
188 B

41ms
40ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0PZ8g29FPjs85hV2JpnGrCNEimBjLuD9mtn6i5Vj0LIsK3ZdnTBsL36HS0p7Hdqr43B7HJj_A3XsFCac1l4bJWqGb2qneldkIwE&google_hm=uNFLiG2fxsUStpwIQ0yJ9A==

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:07 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0PZ8g29FPjs85hV2JpnGrCNEimBjLuD9mtn6i5Vj0LIsK3ZdnTBsL36HS0p7Hdqr43B7HJj_A3XsFCac1l4bJWqGb2qneldkIwE&google_hm=uNFLiG2fxsUStpwIQ0yJ9A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 23tkdp4s1qnv5f12toncs330bjm8g52k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHZcVorll7nETGGUoo2dIsA&google_cver=1&google_push=AavPq0OjSQw586HY5sjd2llRcbtP_Gk-4rKK2Bj4-AWritPGrKm-o4AaIx1xpyE62gfCt9E1AIYAjLfRbhObngL...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wjv2dN2tRyBSz5W460d6Yx_Mkac&google_push=AavPq0OjSQw586HY5sjd2llRcbtP_Gk-4rKK2Bj4-AWritPGrKm-o4AaIx1xpyE62gfCt9E1AIYAjLfRbhObng...

170 B
188 B

44ms
44ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wjv2dN2tRyBSz5W460d6Yx_Mkac&google_push=AavPq0OjSQw586HY5sjd2llRcbtP_Gk-4rKK2Bj4-AWritPGrKm-o4AaIx1xpyE62gfCt9E1AIYAjLfRbhObngLDG1s-jvz4ckK2Ga63

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wjv2dN2tRyBSz5W460d6Yx_Mkac&google_push=AavPq0OjSQw586HY5sjd2llRcbtP_Gk-4rKK2Bj4-AWritPGrKm-o4AaIx1xpyE62gfCt9E1AIYAjLfRbhObngLDG1s-jvz4ckK2Ga63
Date: Fri, 06 Jan 2023 00:05:09 GMT
Connection: keep-alive
Content-Length: 246
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPgGJ87qcOz7dpLpLon5h7A&google_cver=1&google_push=AavPq0OM-xRPy0jc8I7t-GsG86jruUU5EZ73GuhwmUzJhEUgW_mBhPNAj50sLY-V2sQ9aUi4uVI7Y1bIiGgM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OM-xRPy0jc8I7t-GsG86jruUU5EZ73GuhwmUzJhEUgW_mBhPNAj50sLY-V2sQ9aUi4uVI7Y1bIiGgMqJWY964LRz73_3E7Ujyk

170 B
188 B

39ms
38ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OM-xRPy0jc8I7t-GsG86jruUU5EZ73GuhwmUzJhEUgW_mBhPNAj50sLY-V2sQ9aUi4uVI7Y1bIiGgMqJWY964LRz73_3E7Ujyk

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OM-xRPy0jc8I7t-GsG86jruUU5EZ73GuhwmUzJhEUgW_mBhPNAj50sLY-V2sQ9aUi4uVI7Y1bIiGgMqJWY964LRz73_3E7Ujyk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENiNIkF_rVxE_qevhgpsEfs&google_cver=1&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiF...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiFl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjE4NjI2MDAyOTUzNTIzODcxNA%3D%3D&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUp...

170 B
188 B

43ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjE4NjI2MDAyOTUzNTIzODcxNA%3D%3D&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiFlfS_I

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjE4NjI2MDAyOTUzNTIzODcxNA%3D%3D&google_push=AavPq0M9nxnzubig5SL3qTjDCnJaASPdiIsxbi2XncIXqg1cnUbnoNUpNxO1rg4PUFguxvMJehcCJ9csgYZCZl5JP4-blqyXiFlfS_I
date: Fri, 06 Jan 2023 00:05:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847F
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEBCHNMBRnAGgOgd1F-HMAs0&google_cver=1&google_push=AavPq0MaKm7wpM-vUxaqYQeyjSUL3vTbCU18_uLkJQzglJXa2amDn7leIx1RnnWQxMebvmwa4Pl5JCkuO1pRujzVDUkkMNcH0...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MaKm7wpM-vUxaqYQeyjSUL3vT...

170 B
188 B

45ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MaKm7wpM-vUxaqYQeyjSUL3vTbCU18_uLkJQzglJXa2amDn7leIx1RnnWQxMebvmwa4Pl5JCkuO1pRujzVDUkkMNcH0ZOUmQMd&gdpr=&gdpr_consent=

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:08 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjc3NzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MaKm7wpM-vUxaqYQeyjSUL3vTbCU18_uLkJQzglJXa2amDn7leIx1RnnWQxMebvmwa4Pl5JCkuO1pRujzVDUkkMNcH0ZOUmQMd&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 847F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPgGJ87qcOz7dpLpLon5h7A&google_cver=1&google_push=AavPq0Pyvt1dw5yS8v20mToA_h7ZM0CKVh7Zrx5ta2Md_AHBPvG3y9OqBLe34Du15dGBsep8c8F7nyxXgfc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Pyvt1dw5yS8v20mToA_h7ZM0CKVh7Zrx5ta2Md_AHBPvG3y9OqBLe34Du15dGBsep8c8F7nyxXgfc_EehNvwME0-lkE0V93EeLsw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

231ms
231ms

Image
text/plain

51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.79.234.100 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 847F 0
12 B 40ms
39ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iuq-SCcb3DXa4Fyote0KgglcUiCjvXP1WtrgA4azQEKjEpdR6PIJSqmZ-HcIdJHM2_gBR4GQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 15A9 28 KB
28 KB 29ms
5ms Font
font/woff2 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:04 GMT
x-content-type-options: nosniff
age: 99004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:35:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA3E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0OdptqLi7JCkrHeKBGIReX-X6qs_5Ocn7Pwsnw9Cap...

170 B
188 B

38ms
37ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0OdptqLi7JCkrHeKBGIReX-X6qs_5Ocn7Pwsnw9CapyYGIPUfKgQuGz8EssiS-8oChJnA2Kj8dQN5o0Vg2fCLi9QcYh829L2A

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0cce7615b9818de43@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUtZZTl4ZVQxUGRBZW81&google_gid=CAESEOSGw-JCriLASrMbJ33Kc-o&google_cver=1&google_push=AavPq0OdptqLi7JCkrHeKBGIReX-X6qs_5Ocn7Pwsnw9CapyYGIPUfKgQuGz8EssiS-8oChJnA2Kj8dQN5o0Vg2fCLi9QcYh829L2A
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA3E
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEN5Ckn-zWtTIrlm5AiEVGgI&google_cver=1&google_push=AavPq0NRrfBm4dCBrE4muzqr78FE9HL19kDkCjotv7-Y6KZHIcjaJwAC7zOrxaKL_DTOcruyEShp_8WRN7oPpvSykXSKNrM1...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NRrfBm4dCBrE4muzqr78FE9HL19kDkCjotv7-Y6KZHIcjaJwAC7zOrxaKL_DTOcruyEShp_8WRN7oPpvSykXSKNrM14DYFvA

170 B
188 B

41ms
40ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NRrfBm4dCBrE4muzqr78FE9HL19kDkCjotv7-Y6KZHIcjaJwAC7zOrxaKL_DTOcruyEShp_8WRN7oPpvSykXSKNrM14DYFvA

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NRrfBm4dCBrE4muzqr78FE9HL19kDkCjotv7-Y6KZHIcjaJwAC7zOrxaKL_DTOcruyEShp_8WRN7oPpvSykXSKNrM14DYFvA
Date: Fri, 06 Jan 2023 00:05:08 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA3E
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEOujc2SUMQsqvBcP695ZJQ0&google_cver=1&google_push=AavPq0NlVNT2bDc-CIxRKlz4CyI6832tDpQdXajHK35_xPoDUHAfW97v3xCldPSiFB-MM2r64aXusZp6Tkgnd2H...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0NlVNT2bDc-CIxRKlz4CyI6832tDpQdXajHK35_xPoDUHAfW97v3xCldPSiFB-MM2r64aXusZp6Tkgnd2HxIvURUQ...

170 B
188 B

37ms
37ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0NlVNT2bDc-CIxRKlz4CyI6832tDpQdXajHK35_xPoDUHAfW97v3xCldPSiFB-MM2r64aXusZp6Tkgnd2HxIvURUQMPj2gy4Q

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk3NTEyMjUzOA&google_push=AavPq0NlVNT2bDc-CIxRKlz4CyI6832tDpQdXajHK35_xPoDUHAfW97v3xCldPSiFB-MM2r64aXusZp6Tkgnd2HxIvURUQMPj2gy4Q
Date: Fri, 06 Jan 2023 00:05:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA3E
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELGgyyOjUJOQX9ak0xghWvw&google_cver=1&google_push=AavPq0NnPElwd-3X8hvDzM_NeS9UTfUR1Sy7CH2svHS60nLtT1F0mbK47KRN5xbihloYT78AOuKMgooageAUPdOmI...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NnPElwd-3X8hvDzM_NeS9UTfUR1Sy7CH2svHS60nLtT1F0mbK47KRN5xbihloYT78AOuKMgooageAUPdOmIOWBuQa3PgysTQ&google_hm=AT9XDOsWSEkKjWrGGw...

170 B
188 B

38ms
38ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NnPElwd-3X8hvDzM_NeS9UTfUR1Sy7CH2svHS60nLtT1F0mbK47KRN5xbihloYT78AOuKMgooageAUPdOmIOWBuQa3PgysTQ&google_hm=AT9XDOsWSEkKjWrGGwBPba0

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0NnPElwd-3X8hvDzM_NeS9UTfUR1Sy7CH2svHS60nLtT1F0mbK47KRN5xbihloYT78AOuKMgooageAUPdOmIOWBuQa3PgysTQ&google_hm=AT9XDOsWSEkKjWrGGwBPba0
Date: Fri, 06 Jan 2023 00:05:08 GMT
Server: Apache
Connection: keep-alive
Content-Length: 233
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA3E
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEBCHNMBRnAGgOgd1F-HMAs0&google_cver=1&google_push=AavPq0Ncf8MfAHnKIh8pVbAYCEzgKIACV2ygkP7lgf50SiXY57vAmICb1koiFSCju5lLDSr9srfgNUCnQujXYjaHZ8Z97DvUt...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0Ncf8MfAHnKIh8pVbAYCEzgKIA...

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0Ncf8MfAHnKIh8pVbAYCEzgKIACV2ygkP7lgf50SiXY57vAmICb1koiFSCju5lLDSr9srfgNUCnQujXYjaHZ8Z97DvUtrNwKoc&gdpr=&gdpr_consent=

Requested by

Host: quiz.creditis.com.br
URL: https://quiz.creditis.com.br/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:08 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&mn_hm=MzE1OTY1MTA4MDAzMjcyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0Ncf8MfAHnKIh8pVbAYCEzgKIACV2ygkP7lgf50SiXY57vAmICb1koiFSCju5lLDSr9srfgNUCnQujXYjaHZ8Z97DvUtrNwKoc&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame EA3E 42 B
233 B 690ms
227ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENxTcQUvmODxks6q3uu7-xQ&google_cver=1&google_push=AavPq0MVCdtbfl6uNzZK6Rb_OJ0QRFCKgeX-iEKjoYAWlx6rInUIZaY1iU0iTS3m9Mopz3tZkxgKZ6mJonwezFCa7TRSS_leQ0sr0Ws
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=280&adk=3036045525&adf=3964850271&pi=t.aa~a.3559513600~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x280&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DN0oeyvwxO&p=https%3A//quiz.creditis.com.br&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Jan 2023 00:05:09 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA3E
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEOGBB2NUwC5wlZKI1l4AqWg&google_cver=1&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVeh...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-27884FQUXqXxvvhQTtn9Ot5LylDEbIhsMS4a4FpNcQ&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPy...
https://cm.g.doubleclick.net/pixel?google_hm=xTzanJwiBkUj4klFPNjt&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r&google_nid=inm...

170 B
188 B

43ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=xTzanJwiBkUj4klFPNjt&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r&google_nid=inmobi_new_eb

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Jan 2023 00:05:10 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_hm=xTzanJwiBkUj4klFPNjt&google_push=AavPq0Oq_MW07IQJIHcD__96UzRu3QMzdCW4PhlKWdYDXVehDlkvB0GQE9rclRJnwQtBeeTbeN-JiIAyb4DnvpGQxdPytrkGYF_fLm-r&google_nid=inmobi_new_eb
x-download-options: noopen
vary: Accept
content-length: 229
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EA3E 0
12 B 37ms
36ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ko7f7fTCXselCSNY1ZfYb8q2YMgTM6LWtvRWEmxdyZ9HG1d-y8Q3RjmwLhEji0Qb_cjJ9CVks

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame B9D3 36 KB
16 KB 5ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:37:23 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame AED8 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:37:23 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame EE3A 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:37:23 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame D865 36 KB
16 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:37:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 55ms
55ms XHR
application/json 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f906c8f97b21959c10649c1290e66c7132c333d48835e8ca9c4aaaabe89c28f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:05:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1AF 13 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 58992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:41:56 GMT
expires: Fri, 05 Jan 2024 07:41:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 30C7 783 B
536 B 39ms
39ms Document
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

480e9c19497a83aa31c61032adb3b0aff43457034a34ad6b2790f61c48d7ec5f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xYj51mZ9pfZ-KVnIxcDQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quiz.creditis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xYj51mZ9pfZ-KVnIxcDQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 00:05:08 GMT
expires: Fri, 06 Jan 2023 00:05:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame D1AF 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:37:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 30C7 0
0 37ms
36ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=2598253615014856&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D1AF 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7gQtOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 00:05:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE46 42 B
64 B 49ms
49ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYWD206OUmuButHwOwRCwcmolsi02GtuLosYqufzfiDrBeLze24WIDMd_GGUtswbzaUCs9-O6KvJNVtbwURnm0yd3J_5DXV03mpi4Fy39ckMI6CLg4VnzWptvlw-ctIlkz3o4&sai=AMfl-YScLLjmthQJyOyCDW0GWr5M2VBIeQMkIGnuIK7EmRJtpGK5AJ6u5ibAFdiuXgem_2uIJpw8_gmdnJnseKVbxNg3I3Na4Z0__IauIw&sig=Cg0ArKJSzO9s1_0WkjoEEAE&cid=CAQSKQDq26N9CJhMsx-XEGOPYwgu8xioZUMtWyXcRqmuZK5UtIUMBByu_2GXGAEgEw&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,833,1000,1048,1048&tos=0,833,167,48,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=293675611&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672963507845&rpt=405&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=2598253615014856&bg=!LS6lLmrNAAYDMoyoIzI7ACkAdvg8Whr6nzHS6SV-WJISRe1IeohtnADw2qe5Ixj3EGZYIYjmSYr5UAIAAABjUgAAAAJoAQcKALEPlPo55Qo_25u569hAojgBD3r4ElwjjDhconx13SBDlJBluPwMaH6hGl83XgnsEhCITTY5mr1CkvUhPn5G0Ij0Ho-H6hfoka-yFHgYA0PJvYEeFJLkz2HVUYFrOI0Zuuyijdvy-M1Mx2h7u5fp8PAtJwv9OlthXxe7S9ZHrdf4eB8QRyMeZq5psr55ECX9SCFV6gknsIBbOuHAd4MqsEusmp0KZM8R9ayTo_ZaPV70akSZAqivtd2gQWP_SVfL1t8UY7vmhSOX1cEkWCqR-TphZKds_jGVvjQyIVll7ebhO-XIJt3h2c8qsIiyZ0hxiqOHU7PCcw9Bt7TcPxjtn-eWA_IkDQr822XFql-dtQOuk7D_aC1KsmYS0YqX10h_7qtQZQwWAfI5_1ExE126ECFQqF1CAqoe-YmplCdGz_aGf6C-EgmYKZ0gW4F_pl7b16uOew4wuVfNqN2NYu_98Yh8kWEqkCyf2G5e1QBYx0pBm0FYDL3VWQ61C4jpUIqd5ycTsUm-zqQt4PQSL2AYP0M9tM-GCs72HF16QhPPL1o6iKPb9FVhT2apMAtHY1n7pP1XALQaVQ9ZoatUImH5c3VwFgY31CSFqNfTiD4M_ZRuxrN5KaCppKKcdTXKYFQV-I-W5jk_jPr9Bzp0rnRbm15hjhTo00RXBjoJCWAmPpzwk-GdTnD7skkc_6-RWMCE7aBQblgoT8rGy6pP8kaAcZmSVjSW6_j-b0j84z5YrEGGl_GME9z1r9pkBqCX0Ta_00pGUECgAfYzQ1Q_IJDBUEPY_Y3z8irwP0BSOoSfbIq1cepp9QjY0azhpitrlh7rCq48RWYYTcNccb2J-JHfq0NpUwraZSduqZaFazNY9FqeoYycBZ0UXmA1bpe1p-8CruYL5WIhomT1osHqKZnAdbJ8EZdrBlN0_HCRI3oenAS_zVZBZDLIMZc2g60U3S8JLO1RvB34x06efoxiwqWIVkri50nzW365J8bLw5Uk5q5SWUgcO5BeLf6VKJDJvNqO6pFCzd38vYGG6QtbGTpCNXT8HVYDhND5TbU4wGFnoVIBRT6VXT10LFToUgYrQMAml1m4gjiQMwJdetJmH8RSVVX4fGhn7HiMKCS0YrRr6ePdHao34kw8InWSpPEstA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://quiz.creditis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 090F 0
54 B 560ms
257ms Ping
image/gif 2a00:1450:4006:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lcjra0e8&c=4106406367476&slotId=2053203183738&qqid=CNnutNzSsfwCFaZPDwIdM0kDuw&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4e46e960a481e78ab29c4839888eb128.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:813::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Jan 2023 00:05:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quiz.creditis.com.br/	1969-12-31 23:59:59	Name: route Value: 6557fc481218e7c14a6987b7ee3eeea7
quiz.creditis.com.br/	1969-12-31 23:59:59	Name: SRVGROUP Value: common
.creditis.com.br/	1970-01-20 18:18:43	Name: _ga_W08JLCY5Z7 Value: GS1.1.1672963506.1.0.1672963506.0.0.0
.creditis.com.br/	1970-01-20 10:52:19	Name: _gcl_au Value: 1.1.963470257.1672963507
.creditis.com.br/	1970-01-20 18:18:43	Name: _ga Value: GA1.3.1995572288.1672963507
.creditis.com.br/	1970-01-20 08:44:09	Name: _gid Value: GA1.3.193638200.1672963507
.creditis.com.br/	1970-01-20 08:42:43	Name: _gat_gtag_UA_206121558_2 Value: 1
.creditis.com.br/	1970-01-20 18:04:19	Name: __gads Value: ID=96548ce88a9d9ded-2280a9dc2bd90093:T=1672963506:RT=1672963506:S=ALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg
.creditis.com.br/	1970-01-20 18:04:19	Name: __gpi Value: UID=00000b9eb75307d5:T=1672963506:RT=1672963506:S=ALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ
.doubleclick.net/	1970-01-20 18:18:43	Name: IDE Value: AHWqTUlaQb2Vs8KvsOhEEKB2KDrDEziCTebbhCW3L-oQn8LHWARmKy_rtfyEuH3ARZc
.fout.jp/	1970-01-20 18:18:43	Name: uid Value: _IIyCHB2BW0FA5XUhqFeKtEl8Hc
.uncn.jp/	1970-01-20 17:28:19	Name: t Value: v_3f570ceb-1648-490a-8d6a-c61b004f6dad
.r-ad.ne.jp/	1970-01-20 13:01:55	Name: r_ad_token Value: 52J057014BDGa007F29O
.adtdp.com/	1970-01-20 18:18:43	Name: uid Value: AYWEZUcRuq9d-TG64II
.adtdp.com/	1970-01-20 18:18:43	Name: dynid Value: AYWEZUcRuq9d-TG64II
.doubleclick.net/	1970-01-20 08:42:47	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 09:27:21	Name: C Value: 1
.yahoo.com/	1970-01-20 17:28:41	Name: A3 Value: d=AQABBLRlt2MCEH5CAERQ6Lq_q1rxpApQkrIFEgEBAQG3uGPBYwAAAAAA_eMAAA&S=AQAAAqJA7vcaQ-D0Ejfd1zMlGuw
.adform.net/	1970-01-20 10:09:07	Name: uid Value: 6450300911282810736
.w55c.net/	1970-01-20 18:12:57	Name: wfivefivec Value: 1KYe9xeT1PdAeo5
.bidswitch.net/	1970-01-20 17:28:19	Name: tuuid Value: 563bb495-cea8-4357-b035-fa14ac3a9ac4
.bidswitch.net/	1970-01-20 17:28:19	Name: c Value: 1672963508
.bidswitch.net/	1970-01-20 17:28:19	Name: tuuid_lu Value: 1672963508
.openx.net/	1970-01-20 17:28:19	Name: i Value: b42bfeed-6d9e-401c-ae14-1857f47280b3\|1672963508
.bidswitch.net/	1970-01-20 08:42:43	Name: google_push Value: AavPq0PFSF-UsPmqA2Pl-mtEbtcueEkSRe-y3R9szNvZxeA8DNPP7zH00mPghhaLGTt_72ytMBj9lXYUCU-vI2ebD8F1d-_xQM_Qgom1Qc1Hb49v-Sbk4uSijFTYv2X2hhdM-hwK2wL4ti7XIdnjqGIPM8I6VA
.w55c.net/	1970-01-20 09:25:55	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-20 10:52:19	Name: uuid2 Value: 6757688646303931674
.media.net/	1970-01-20 09:02:53	Name: data-g Value: CAESEBCHNMBRnAGgOgd1F-HMAs0~~3
.media.net/	1970-01-20 17:28:19	Name: visitor-id Value: 3159651080032777000V10
.1rx.io/	1970-01-20 17:28:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ccc080c2-1238-4bfc-9318-c06d4ea10ffe-004%22%7D
.tribalfusion.com/	1970-01-20 10:52:19	Name: ANON_ID Value: aUnseFON6Jf8ZbUxrbOFTZdc8ZavIBYXtsBgpxtZaf7cK9rJZb24rypXtluX8butt8ZdyCi15K6oPIWxVIBubZcixhB
.3lift.com/	1970-01-20 10:52:19	Name: tluid Value: 3642186260029535238714
.targeting.unrulymedia.com/	1970-01-20 17:28:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ccc080c2-1238-4bfc-9318-c06d4ea10ffe-004%22%7D
.zemanta.com/	1970-01-20 17:28:19	Name: zuid Value: Y-gOMiElrU0hVw9xP-UW
sync.srv.stackadapt.com/	1970-01-20 17:28:19	Name: sa-user-id Value: s%3A0-c23bf674-ddad-4720-52cf-95b8eb477a63.TMDcLSyOF8dQj168758OyZiAN3ADowujNhO2jjXiOSw
.srv.stackadapt.com/	1970-01-20 17:28:19	Name: sa-user-id-v2 Value: s%3Awjv2dN2tRyBSz5W460d6Yx_Mkac.lBivdG5XtMol8GepM3v6j9zr8msy4PnBXhbpDniaIbc
.id5-sync.com/	1970-01-20 08:42:43	Name: cf Value:
.id5-sync.com/	1970-01-20 08:42:43	Name: cip Value:
.id5-sync.com/	1970-01-20 08:42:43	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:42:43	Name: car Value:
.id5-sync.com/	1970-01-20 08:42:43	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:52:19	Name: id5 Value: 27b373a2-a607-76aa-8ea8-a1e3c3aa2908#1672963509629#2
.id5-sync.com/	1970-01-20 10:52:19	Name: 3pi Value:
.id5-sync.com/	1970-01-20 08:42:43	Name: callback Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://onesignal.com/api/v1/sync/52f5c061-d4a9-40e2-a851-dceff3140026/web?callback=__jp0 Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18216231906100725975/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/18216231906100725975/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1284532310232457&output=html&h=90&adk=894380781&adf=1986100267&pi=t.aa~a.3559513600~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1672963507&rafmt=1&to=qs&pwprc=3830565116&format=1200x90&url=https%3A%2F%2Fquiz.creditis.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672963507794&bpp=1&bdt=2605&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96548ce88a9d9ded-2280a9dc2bd90093%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaRFj89t7KU6_ggls74b3JKXlKtYg&gpic=UID%3D00000b9eb75307d5%3AT%3D1672963506%3ART%3D1672963506%3AS%3DALNI_MaLWr8QqL35ZM1wy7qbc0wjwPIZDQ&prev_fmts=0x0%2C1200x280%2C1110x280%2C1200x280&nras=4&correlator=1997113556880&frm=20&pv=1&ga_vid=1995572288.1672963507&ga_sid=1672963507&ga_hid=318244986&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2598253615014856&tmod=1093264718&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20230103&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TpY1cvdK3c&p=https%3A//quiz.creditis.com.br&dtd=9 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/18216231906100725975/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
adservice.google.co.jp
adservice.google.com
b1sync.zemanta.com
c1.adform.net
cdn.onesignal.com
cm.g.doubleclick.net
cs.media.net
cs.r-ad.ne.jp
csi.gstatic.com
ds.uncn.jp
dynalyst-sync.adtdp.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
im.bluevoox.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
quiz.creditis.com.br
r2---sn-oguelnzs.gvt1.com
redirector.gvt1.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
secure.adnxs.com
stats.g.doubleclick.net
sync.1rx.io
sync.fout.jp
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
v9999.adv.admeme.net
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.43.90.21
141.95.98.65
142.251.42.130
172.217.174.102
174.137.133.49
18.177.11.95
18.177.208.182
18.179.190.27
18.182.177.8
185.84.60.23
20.127.253.7
202.232.238.37
23.219.68.21
2404:6800:4004:2b::7
2404:6800:4004:801::2002
2404:6800:4004:80a::2002
2404:6800:4004:80b::200e
2404:6800:4004:811::2002
2404:6800:4004:813::2003
2404:6800:4004:813::200e
2404:6800:4004:81e::200a
2404:6800:4004:820::2002
2404:6800:4004:821::2002
2404:6800:4004:822::2003
2404:6800:4004:824::2001
2404:6800:4004:826::2003
2404:6800:4004:826::2004
2404:6800:4004:826::2008
2404:6800:4008:c01::9d
2406:da18:929:5a00:6830:e0b:9bd7:2183
2606:4700:3030::ac43:c174
2606:4700::6812:18ad
2606:4700::6812:e134
2a00:1450:4006:813::2003
35.186.253.211
35.213.12.39
51.79.234.100
52.220.190.50
52.223.2.229
52.45.175.185
54.81.22.167
64.74.236.63
74.118.186.44
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
074b3ffd900311a94251a76cef525d0ca36209b28fb2d71f01f6fc51be77249b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe23b1baf6aa708da115d0d8a9d2e672e0c280112623336cfc2b8aebc558293
140b316a2d3056c65d92e7867c3fc4326c82f94cbc5986896a14ceae321893d9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
26c26c00410752e553c9dc6365ae86b9a0902dae025afc5a917bc6c2b9d618e4
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3695eaa207ee12edf04cc20b26a5dfd9d64bd1d16ca288a4184a9a6b4e8816a0
41b649b16038518ccf96f9211a479b2d24cd108dd88841e0d5730bae01fd2597
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
480e9c19497a83aa31c61032adb3b0aff43457034a34ad6b2790f61c48d7ec5f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cc1edb3b9def68f8e5831269bc9bbfcb0649b62cab26035c179beafc4ddc892
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7
51ecf51c046a82b05546f5d75f06e1ee4af1e33d3455631dddd84870b393c9e4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a748ed7c8f7ae824a34325b79c2270ea342902a32d7f6ebcadff805eab3139d
6b126661cbf5813261bbe1248ff4842b95a5ccb747cb8f1ce59ae50bf1ece279
6dff57589c2fb657b8cf883da2d687ad3a88ccc563935977339af0d47d00f04f
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7e1229f98892b66dbc5471f497ac806a22acaea64a33e9ec7067c49e621ba143
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
89bb4ec5ecf8eec4670a60938ce665112e9ce39f3bc343ec6f9fa64e9a2efabe
8a6961555fa7fc0662c54f9336963683909d8fa73ac7316c6a309495fbf0bdae
8b35116e018ecca384753bd71d0c9237ee84ad6fdb9cbbeed214913d1ec40132
8b3d7ecc82076f456e17e5cf2b5c5851c0a3c33b17217d137be0bca580654349
946e7993dee282b436df4cd16d37f9aee299549b093c60ffdb26340db59eb13f
94ce4b182612d460e5054e33a69ee5bc55fa922cbadc9aa8d4d8dd3ca5218075
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a3b988909053ac71ff9e337664d9c413357f6c94ca4061fed5e4381409c04be1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b29df8c2c7672fcaaea7702bbee460a8666e12f1678b9bc55d150b73a1cfe694
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431
b9e6fa35c8675ec9a5773fed40011d1a274cc472a517e3c4c0c39338b9cf9704
be5e09685d162984641a7764b2c49250f9c53746eaadeb57acf001ddb4ccd709
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ca1b20a3a02b8a9a5728c546e2a4f5d0d5b667eb719b11c4f55affa1d4c51e07
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d81d4292a30deadddd393e2bc8c8f14f09f6c9a8c5816accf0a3dab9447d1db3
da3efb4b653b11894a8c7fc24460096f39e9e230aafd1a55bd3e491e3e3401c3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2190cd412cb2675373fe986d0b8656ada79449c75ff64473fa773033ca80b1
df65c31ee0b25aca84707561d35885c784d9f3b4d30ebad22490e258af4be909
e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9c7c16187a035c3db67c709f563f0ef3be9d797b7c7ec74d91367a6c37e45fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a5ee6fab46dcbcaee7a3b161cf503381a29a82b5dde74aa5c2b57e6d2c3cc6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f906c8f97b21959c10649c1290e66c7132c333d48835e8ca9c4aaaabe89c28f7
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4d8633a18c63028f5e0c8e4595f9daef318df1a632656939458a1919c4edb8

quiz.creditis.com.br Open in urlscan Pro 2606:4700:3030::ac43:c174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

80 %HTTPS

49 %IPv6

36 Domains

47 Subdomains

24 IPs

8 Countries

2880 kBTransfer

6035 kBSize

44 Cookies

2 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quiz.creditis.com.br Open in urlscan Pro
2606:4700:3030::ac43:c174 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

80 %
HTTPS

49 %
IPv6

36
Domains

47
Subdomains

24
IPs

8
Countries

2880 kB
Transfer

6035 kB
Size

44
Cookies

158 HTTP transactions
8 data transactions