plantaocredito.xyz Open in urlscan Pro
143.198.150.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://plantaocredito.xyz/
Submission: On December 06 via automatic, source certstream-suspicious (December 6th 2021, 12:52:55 am UTC) — Scanned from DE

Summary HTTP 225 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 25 domains to perform 225 HTTP transactions. The main IP is 143.198.150.47, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is plantaocredito.xyz.
TLS certificate: Issued by R3 on October 8th 2021. Valid for: 3 months.

This is the only time plantaocredito.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
73	143.198.150.47 143.198.150.47	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3033::6815:34e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
20	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:10c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	54.73.238.193 54.73.238.193	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.157.11 35.156.157.11	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:a212:76ab:db1a:a790	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
225	29

73 143.198.150.47 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

plantaocredito.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:34e4 (United States)

ASN13335 (CLOUDFLARENET, US)

script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:10c (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.238.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-193.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.157.11 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:a212:76ab:db1a:a790 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	plantaocredito.xyz plantaocredito.xyz	2 MB
47	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com	515 KB
29	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	291 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	584 KB
9	2mdn.net s0.2mdn.net	193 KB
9	google.com 2 redirects adservice.google.com www.google.com	2 KB
8	googleapis.com fonts.googleapis.com	7 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	googletagservices.com www.googletagservices.com	173 KB
5	google-analytics.com www.google-analytics.com	40 KB
4	google.de adservice.google.de www.google.de	2 KB
4	facebook.com 1 redirects www.facebook.com	650 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	googletagmanager.com www.googletagmanager.com	132 KB
3	joinads.me script.joinads.me	8 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	6 KB
2	facebook.net connect.facebook.net	113 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	338 B
1	innovid.com ag.innovid.com	296 B
1	openx.net rtb.openx.net	351 B
1	agkn.com 1 redirects d.agkn.com	761 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	trackcmp.net trackcmp.net	362 B
1	googleadservices.com partner.googleadservices.com	452 B
225	25

	Domain	Requested by
73	plantaocredito.xyz	plantaocredito.xyz
24	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
21	pagead2.googlesyndication.com	plantaocredito.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
14	www.gstatic.com	googleads.g.doubleclick.net script.joinads.me 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	s0.2mdn.net	plantaocredito.xyz s0.2mdn.net
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	fonts.googleapis.com	plantaocredito.xyz googleads.g.doubleclick.net s0.2mdn.net 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
6	www.google.com	2 redirects plantaocredito.xyz googleads.g.doubleclick.net tpc.googlesyndication.com 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net script.joinads.me 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	securepubads.g.doubleclick.net	plantaocredito.xyz securepubads.g.doubleclick.net
4	www.facebook.com	1 redirects plantaocredito.xyz
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	www.googletagmanager.com	plantaocredito.xyz script.joinads.me www.googletagmanager.com
3	script.joinads.me	plantaocredito.xyz script.joinads.me
2	4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	googleads4.g.doubleclick.net	plantaocredito.xyz
2	connect.facebook.net	plantaocredito.xyz connect.facebook.net
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	plantaocredito.xyz
1	www.google.de	plantaocredito.xyz
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
225	35

This site contains no links.

Subject Issuer	Validity	Valid
plantaocredito.xyz R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.joinads.me R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-14` - `2021-12-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 21 frames:

Primary Page: https://plantaocredito.xyz/
Frame ID: 902BFE8CAF3F7BE70911494D420EF1C2
Requests: 127 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: 0CFFE42779AD27E96AB2D5B1259ABB99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&adk=1812271804&adf=3025194257&lmt=1638751967&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplantaocredito.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751967172&bpp=3&bdt=1603&idt=218&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6115760660895&frm=20&pv=2&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: 27A297FC3A087C8D07C656E9CFC489D2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 183601A681A5A5613F68C87F866B71A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4C385CFC30BD42C213A2F3D715E2B4F6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5C1A99F7A3EEBFD8DD85608894693301
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9
Frame ID: 6CE0298D8D331B0DEBA9600BE49249A6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 24EC330F00AEF948B0080AF1BB278A58
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 31686FE46E91613A2D5C20E1B78DD2F8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A004573C04D50B2E40A0E7EBF051B251
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiqhuy8ATAB&v=APEucNVhKtbYhY59xgbTmcaBEa7DABV_fvBxJah2ol9h-O8WyDv1I2H67YltMS_pcmnSxBWvH2OmaRoRGDyvBbo2dTGAu7cQFz1hx2KFxjEfNpa-wg66vsW1Xu-t4OwKgmdWhPg5EX1R-_NItuEqKEY8p3XjSm8lT3CWm8hiI1r1q8e-SEnsPzE
Frame ID: 2700C6CC17CF92580D670D66AF114839
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91D316DFD9B9F3012A59A72E50FA2263
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 249EC1937ECF1EBB14193DE88E9651B0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
Frame ID: A948CAF75E5E62ACA9FA5A195AE4FAEA
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Frame ID: A007CCCB50E6D0BDE49BAAE30FD0A077
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Frame ID: 440438493E2DBE349DFBB93328DEA425
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33487A26331D1F8393CC9B2E84322A40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D38B2E7A89FC8A0371C5ACAD2800AD5
Requests: 2 HTTP requests in this frame

Frame: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6280E1727B8F8B3FB57B820F57BA9036
Requests: 1 HTTP requests in this frame

Frame: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D22837E675A890937083FB97F3B00161
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 19AE41023721F80455F5B05750816CA9
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicio - Plantão Crédito

Page Statistics

225
Requests

96 %
HTTPS

66 %
IPv6

25
Domains

35
Subdomains

29
IPs

7
Countries

3887 kB
Transfer

7065 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www.facebook.com/tr/?id=941963593069024&ev=ViewContent&dl=https%3A%2F%2Fplantaocredito.xyz%2F&rl=&if=false&ts=1638751967331&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638751967327.2084160494&it=1638751967156&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fplantaocredito.xyz%2F&ec=1&ev=ViewContent&fbp=fb.1.1638751967327.2084160494&id=941963593069024&if=false&it=1638751967156&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1638751967331&v=2.9.48

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1&C=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya1e4TMmbDJC8zg5JFltDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIWcdnd82DLTkPzyxYO3f78&google_cver=1

Request Chain 150

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MjMyMDM5OTA5MzkzMzExOQ%3D%3D

Request Chain 160

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJuZJeDhXn2udbGTbQh5yyqObfJcSryj83n7aU_fQGqdp7JE9p1WCZkVbqOwKbreCda1ATqosFe72kudNMKjGX1ZcjVsLVI&google_gid=CAESEBHk_rJCUnNDB4H2cH3_VUU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWExZTRRQUFBSTVHYXdmeA&google_push=AYg5qPJuZJeDhXn2udbGTbQh5yyqObfJcSryj83n7aU_fQGqdp7JE9p1WCZkVbqOwKbreCda1ATqosFe72kudNMKjGX1ZcjVsLVI

Request Chain 161

https://d.agkn.com/pixel/2175/?google_gid=CAESEBtNqvcIJg1TH8TG0DMQJkk&google_cver=1&google_push=AYg5qPKhWKxBLInplOspkJqPFMs1JMzi-YzcQCxY6F84MKsZFp72bquUo2-LNOlNt5x1EM50OcNAcNOYW7gjmazhjzpZ0yIZmao3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKhWKxBLInplOspkJqPFMs1JMzi-YzcQCxY6F84MKsZFp72bquUo2-LNOlNt5x1EM50OcNAcNOYW7gjmazhjzpZ0yIZmao3&google_hm=Q0FFU0VCdE5xdmNJSmcxVEg4VEcwRE1RSmtr

Request Chain 162

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJgHfgtk3wxh5F2BXd-HYARNhMT9j-d4yptkGufIlCmFxiqlArk3vXBDoEDMwefxHQf2heBFBnkk1sjiEevFqZ7pYQy_to&google_gid=CAESELc0yPomRBIXg0zl9Y3i1LY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJgHfgtk3wxh5F2BXd-HYARNhMT9j-d4yptkGufIlCmFxiqlArk3vXBDoEDMwefxHQf2heBFBnkk1sjiEevFqZ7pYQy_to&google_gid=CAESELc0yPomRBIXg0zl9Y3i1LY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDYwMDUyNDkwMDA0MjYzMTUxNTgzOA%3D%3D&google_push=AYg5qPJgHfgtk3wxh5F2BXd-HYARNhMT9j-d4yptkGufIlCmFxiqlArk3vXBDoEDMwefxHQf2heBFBnkk1sjiEevFqZ7pYQy_to

Request Chain 164

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs

Request Chain 166

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBWPBt2GSyS_Li8PYCjeE6c&google_cver=1&google_push=AYg5qPI64wnegs9h3W7X2epIeEx4wakSVQtkYXzxjhkpCFNsIK0OjNeIOZDevZYBvW49S2g7SxguT1HREBUKJiFuTaxrm8Gdcmlv1A HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI64wnegs9h3W7X2epIeEx4wakSVQtkYXzxjhkpCFNsIK0OjNeIOZDevZYBvW49S2g7SxguT1HREBUKJiFuTaxrm8Gdcmlv1A&google_hm=

225 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
plantaocredito.xyz/ 108 KB
25 KB 724ms
363ms Document
text/html 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 577eab66d8845a5fa792d22b09f2bb43acc4ac3dcf9dff821e61c0abe5e7b3c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 06 Dec 2021 00:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK style-index.css
plantaocredito.xyz/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/ 70 B
387 B 172ms
172ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1633995704
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbb8-46"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK styles.css
plantaocredito.xyz/wp-content/plugins/contact-form-7/includes/css/ 3 KB
3 KB 345ms
172ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:46 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbba-aab"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2731
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK all-light.min.css
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/ 191 KB
191 KB 627ms
312ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/all-light.min.css?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: edb9155737a1151ce1c8b5aeb936d79cb06d1ae7ec19c3c0e78a8cf5330f6ba3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-2fbf1"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195569
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK single-light.min.css
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/ 45 KB
45 KB 628ms
310ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/single-light.min.css?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b4d44a56ea08f2e71de40c07cca623339b0e76cf824c5d7d1d42fe6794f80231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-b46c"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46188
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 57ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97f234a27b6737ae353c0f2e8dcbfd55c474e9ca484a0ea906a40a02e0f0dad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 00:03:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:46 GMT

GET
H/1.1 200
OK dynamic-style-1630352897.css
plantaocredito.xyz/wp-content/uploads/sites/6/ 11 KB
12 KB 478ms
160ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/dynamic-style-1630352897.css
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d41bf65826c3499d81d6043ce04a5522bb038504230bb231254e72ae6991a23e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Mon, 30 Aug 2021 19:48:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "612d3601-2d60"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11616
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK elementor-icons.min.css
plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/eicons/css/ 17 KB
18 KB 636ms
313ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8da4ba63c0631c15e1fbebacc34c51ddf4d51b8b2bd7a6c9a3885e913f408301

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-450f"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17679
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK frontend.min.css
plantaocredito.xyz/wp-content/plugins/elementor/assets/css/ 128 KB
129 KB 517ms
174ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: adca5d0e2d8cf963ea169f370334d59fe2a8fddaf00fb4878687686f2580a814

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-20102"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131330
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK post-312.css
plantaocredito.xyz/wp-content/uploads/sites/6/elementor/css/ 948 B
1 KB 533ms
177ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/elementor/css/post-312.css?ver=1634081022
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d43d42d97a74018432cf24585b78a896e5bf41f7f1068811264a844aea1a82f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Tue, 12 Oct 2021 23:23:42 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "616618fe-3b4"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK frontend.min.css
plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/css/ 206 KB
206 KB 640ms
161ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1c8265dfea61fdbeb7770b27478fa751de4f9a0d8647867f98a0a47c00255842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Thu, 24 Jun 2021 18:11:39 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4cadb-33812"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210962
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK elementor-light.min.css
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/ 189 B
507 B 710ms
177ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/elementor-light.min.css?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 620048f7c4eaa7b906ad7d9e98225f0e1889f76c6b0578face435ae79757c8d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-bd"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 189
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK global.css
plantaocredito.xyz/wp-content/uploads/sites/6/elementor/css/ 33 KB
34 KB 798ms
162ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/elementor/css/global.css?ver=1634081023
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 933a7afc9634cbd2cbe461c85494ed2b6cb054860aed2ae567c1fe2f9897fd9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Tue, 12 Oct 2021 23:23:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "616618ff-8557"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34135
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK post-310.css
plantaocredito.xyz/wp-content/uploads/sites/6/elementor/css/ 6 KB
6 KB 889ms
178ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/elementor/css/post-310.css?ver=1634079558
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e32e77d49c38f1cb0b4c87d1f9d4eb2b2e36a685b550625405d8119fe6263e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:46 GMT
Last-Modified: Tue, 12 Oct 2021 22:59:18 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61661346-162e"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5678
Expires: Thu, 01 Dec 2022 00:52:46 GMT

GET
H/1.1 200
OK mashshare-light.min.css
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/ 8 KB
8 KB 934ms
158ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/mashshare-light.min.css?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e50bb464e8257ff1391db4b7a9fec036fc876ad95b0a72f8b0f4bd7b5997a0a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1f96"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8086
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 60 KB
2 KB 56ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CWork+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.1

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87405338b6b370e7995c862b8b1e5730ce5db3e505ac7ab21298c9d7d45cb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:46 GMT

GET
H/1.1 200
OK jquery.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ 87 KB
88 KB 1237ms
348ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:36:04 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca64-15db1"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89521
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ 11 KB
11 KB 1088ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:36:02 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca62-2bd8"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11224
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK modernizr-custom.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/modernizr/ 7 KB
7 KB 1107ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1b70"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7024
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 57ms
18ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8bc9e99df030393e9710d3bc34f2c81a7712da26b96ca9d10bff5350826544dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1064 / 218 of 1000 / last-modified: 1638572771"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26974
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H2 200 ads1725.js Show response
script.joinads.me/ 22 KB
6 KB 909ms
907ms Script
application/javascript 2606:4700:3033::6815:34e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/ads1725.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:34e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39c55bbf87b52c4f2b7e239f3b0d784944c02a6d85455bdc8ea2662e378ea5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 16:46:11 GMT
server: cloudflare
etag: W/"61a7a6d3-570b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjoUEzTEr042C4Zf%2Fu0UIPx9d34705DiE6nYlfcrEoGcKpRIBmHt%2BY8XF6XBY%2F50EVpoc7VUTqF%2Bxyfm76gWKIYTmRuKE%2BTiscL9M2UYMUGe%2F9dBmFcXFk4h9lN5Qxm7hQ1SyJTbhlvB8ISUmJzuCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b918895990a839a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 83ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a097d121deb546540a86c2084e68b9cad24457639d617c2cb751b1bbbbabef6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51242
x-xss-protection: 0
server: cafe
etag: 34638037256671131
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8519566401851236

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ee4f520e7c3e246f1b8cdfccb2b693606ea7d529b4ae98ba3de1792f024a70e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51921
x-xss-protection: 0
server: cafe
etag: 2107497257581408555
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 59ms
32ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-201994943-1

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f00cf2b1e9049406a0cfba145b0c28d44e236e6c39e7656e103967fc6ae2306e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36171
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H2 200 push-notification.js Show response
script.joinads.me/ 1 KB
957 B 82ms
25ms Script
application/javascript 2606:4700:3033::6815:34e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/push-notification.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:34e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194494
cf-polished: origSize=1350
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 12:59:38 GMT
server: cloudflare
etag: W/"6065c3ba-546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpQIbK94%2BiEvLEd5OHH%2BmEPh%2FPkUYBPZw%2FcjgzMWOpnXpda4CkRxW8lJPp6TJ29LRZxFRj7V%2Fyl4aLfniHzrkgb1PnHD9yXoHXZptBsv%2FWjTnIuNYHrXoDybCNHyFhvM2fEL0qcvU50rTTMxAJu8%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 6b91888ced78839a-MXP
expires: Mon, 28 Nov 2022 18:51:12 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
plantaocredito.xyz/wp-includes/js/ 18 KB
18 KB 178ms
178ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:37:12 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164caa8-4705"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18181
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK animations.min.css
plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
18 KB 988ms
173ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-4824"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18468
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK site_tracking.js Show response
plantaocredito.xyz/wp-content/plugins/activecampaign-subscription-forms/ 1 KB
2 KB 1103ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.8.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbb8-57b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1403
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/vendor/ 6 KB
7 KB 1159ms
172ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca5b-1906"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6406
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/vendor/ 16 KB
16 KB 1220ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:57 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca5d-4056"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16470
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK index.js Show response
plantaocredito.xyz/wp-content/plugins/contact-form-7/includes/js/ 12 KB
12 KB 1228ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:46 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbba-2e56"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11862
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
plantaocredito.xyz/wp-includes/js/ 3 KB
3 KB 1240ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca41-ba8"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2984
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK stickyfill.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/stickyfill/ 6 KB
6 KB 1260ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1893"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6291
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK placeholders.jquery.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
6 KB 1331ms
172ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1555"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5461
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK jquery.timeago.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/ 7 KB
7 KB 1379ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1c47"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7239
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK jquery.timeago.pt-br.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/locales/ 398 B
731 B 1390ms
161ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.pt-br.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3626069ffcb1718117bbccd3d9c1f487edeb9498ec20f162162b4cb111815d8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-18e"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK matchmedia.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/ 2 KB
2 KB 1401ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/matchmedia.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-6a4"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1700
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK matchmedia.addlistener.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/ 3 KB
3 KB 1419ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-b00"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2816
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK picturefill.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/picturefill/ 8 KB
8 KB 1504ms
172ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1e1b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7707
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK jquery.waypoints.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
9 KB 1539ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-2281"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8833
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK libgif.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/libgif/ 33 KB
34 KB 1561ms
178ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/libgif/libgif.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff1ce8732e74bc97205dfb4009d268a21dcbd5eac386e19e45f93db0defd51b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-8550"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34128
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK enquire.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/enquire/ 2 KB
3 KB 1551ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-8ce"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2254
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK global.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 44 KB
44 KB 1563ms
161ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/global.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3cc6b0b74b949fa886fabe7bde4f82927ad4b18fe22eac02d1b45c848d88280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-af01"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44801
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK players.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 19 KB
20 KB 1578ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/players.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 039d644b319f7e4a4e519d602cc92b31bc0c31d1000b3363c044a276cfa8b1e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-4d47"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19783
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK core.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ui/ 20 KB
21 KB 1698ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:36:09 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca69-5133"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20787
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK menu.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ui/ 9 KB
10 KB 1716ms
164ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/ui/menu.min.js?ver=1.12.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:36:16 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca70-253b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9531
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK dom-ready.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 1 KB
2 KB 1738ms
176ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca4f-4e9"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1257
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK hooks.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 5 KB
6 KB 1727ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:45 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca51-1540"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5440
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK i18n.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 10 KB
10 KB 1735ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:46 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca52-268a"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9866
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK a11y.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 3 KB
3 KB 1848ms
172ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:35 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca47-bc1"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3009
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK autocomplete.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ui/ 8 KB
9 KB 1856ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.12.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Mon, 11 Oct 2021 23:36:08 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca68-215b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8539
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK ajax-search.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 2 KB
2 KB 1875ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/ajax-search.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 14d1267c9cf8d49aa00a026da9641071d586f1d65b78944b1430a09bb46a1f3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-80f"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2063
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK single.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 25 KB
26 KB 1887ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/single.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5aec278ade903745f846b8d0aae9a803d098eac0076413ed822c596cda772efa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-656c"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25964
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
plantaocredito.xyz/wp-includes/js/ 1 KB
2 KB 1893ms
157ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:37:11 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164caa7-592"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1426
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK jquery.smartmenus.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
25 KB 1915ms
178ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 24 Jun 2021 18:11:39 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4cadb-6272"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25202
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK imagesloaded.min.js Show response
plantaocredito.xyz/wp-includes/js/ 5 KB
6 KB 2020ms
172ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:35:35 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164ca47-15fd"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5629
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK webpack.runtime.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/js/ 5 KB
5 KB 2013ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2db8df26802be7375f544080f0430a09908fec630c48f62e8d21a08cf6ad2f84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-130f"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4879
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK frontend-modules.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/js/ 14 KB
14 KB 2035ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b8f48c4bcb8186d73a45940bfa283ec096579ec1e5b3e9ab1e54b6d61a3ebab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-36b2"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14002
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK jquery.sticky.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
7 KB 2046ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 24 Jun 2021 18:11:39 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4cadb-19c3"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6595
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK frontend.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/js/ 184 KB
184 KB 2050ms
158ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f3971b50c2fef5d876fd6c9e71e3627e52a1b486c2d590756b352059319a6446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 24 Jun 2021 18:11:39 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4cadb-2e01c"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 188444
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK waypoints.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
12 KB 2092ms
177ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-2fa6"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12198
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK swiper.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
136 KB 2172ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-21f91"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139153
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK share-link.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
3 KB 2191ms
172ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-a12"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2578
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK dialog.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
11 KB 2195ms
160ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-2a6f"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10863
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK frontend.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/js/ 36 KB
36 KB 2207ms
161ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5cf01af520eaf211cfd403e274f7b2871502dc6e121ad79b937ef93c373a7547

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-8ecd"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36557
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK preloaded-modules.min.js Show response
plantaocredito.xyz/wp-content/plugins/elementor/assets/js/ 31 KB
32 KB 2223ms
159ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6d09be5ae723ad43d8e44ae1719f6769efa7da5bb780f67edf03b6f7b85c16ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Mon, 11 Oct 2021 23:41:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6164cbbd-7d5e"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32094
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: W70IvZXXD5odE7itwtlgBxbR0dJ9VvDQSDP4ZUY6NaJxfgXaAIJhdAXGeXcNfJgIFot7KHZCpeeWrdkea4I/2Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 06 Dec 2021 00:52:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 37ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 449092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 20:07:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:59:22 GMT
x-content-type-options: nosniff
age: 395605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 10:59:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:42 GMT
x-content-type-options: nosniff
age: 378425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:45:42 GMT

GET
H/1.1 200
OK bimber.woff
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/bimber/fonts/ 10 KB
10 KB 235ms
173ms Font
application/font-woff 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/bimber/fonts/bimber.woff
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac7f11986f311aec18f6e8346a0c2448ed4a523a16761ecd652a9707792282fa

Request headers

Referer: https://plantaocredito.xyz/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:47 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-281c"
Content-Type: application/font-woff
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10268
Expires: Thu, 01 Dec 2022 00:52:47 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ 47 KB
47 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CWork+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:36:22 GMT
x-content-type-options: nosniff
age: 414985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 05:36:22 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 46ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://plantaocredito.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:53:46 GMT
x-content-type-options: nosniff
age: 457141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:53:46 GMT

GET
H/1.1 200
OK logo_200x200-e1625604984706.png
plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/ 4 KB
4 KB 904ms
158ms Image
image/png 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/logo_200x200-e1625604984706.png
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 346581ef7ce7844f5261e68e1ead8e083205d05bf3014416906417a9075eec68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 06 Jul 2021 20:56:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60e4c378-e8c"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3724
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK como-funciona-o-limite-do-saque-do-cartao-de-credito-1600x800-c-center-728x364.jpeg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/ 24 KB
24 KB 791ms
179ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/como-funciona-o-limite-do-saque-do-cartao-de-credito-1600x800-c-center-728x364.jpeg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f0e403386a598f953a4948b91858de2de7b639ef30e9dd0db5c37ee3ace98f38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 06 Jul 2021 20:31:21 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60e4bd99-6046"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24646
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Como-emitir-CRLV-Digital-300x164.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 13 KB
13 KB 896ms
160ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Como-emitir-CRLV-Digital-300x164.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3cbcfe3f882ea56764020ab1c935894474a545c1952fa61f221e8c34309d22b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 25 Nov 2021 22:50:37 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61a0133d-331a"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13082
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativo-para-medir-a-pressao-2-300x300.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 15 KB
15 KB 885ms
172ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativo-para-medir-a-pressao-2-300x300.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7737fea30590b41106722b8d2add87fd538bdec869d94eeb93553fc62b9b9a6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 25 Nov 2021 22:47:15 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61a01273-3be3"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15331
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Como-colocar-musica-no-status-do-WhatsApp-300x169.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 17 KB
17 KB 877ms
160ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Como-colocar-musica-no-status-do-WhatsApp-300x169.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fbba921ac6117515175d0c74f53c00964749f6669203297587e0fb0aa959d347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 25 Nov 2021 22:42:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61a01145-4495"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17557
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativos-para-ouvir-musicas-300x169.png
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 44 KB
45 KB 159ms
158ms Image
image/png 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativos-para-ouvir-musicas-300x169.png
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b7474cdfa04752d04d03e228aef9053d4eec453778bb902dc840880a84b29f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 25 Nov 2021 22:37:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61a01020-b184"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45444
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativos-para-ler-a-Biblia-pelo-celular-300x179.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 15 KB
15 KB 160ms
160ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativos-para-ler-a-Biblia-pelo-celular-300x179.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d27c5ac2f4ab9c52bbadf0594f13535c563b05bdb5e9b12cf7852d94ba15c804

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Thu, 25 Nov 2021 22:32:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61a00eff-3c69"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15465
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativos-para-recuperar-fotos-apagadas-300x169.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 12 KB
12 KB 173ms
173ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativos-para-recuperar-fotos-apagadas-300x169.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 516a0d294c3b78c50cf98c177f23bcf143ce8d959108f2c31bb7bf8639d0984a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 23 Nov 2021 23:39:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "619d7bc0-3063"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12387
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativos-para-conseguir-Wi-Fi-gratis-300x262.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 16 KB
16 KB 162ms
162ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativos-para-conseguir-Wi-Fi-gratis-300x262.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2c6430763c3ef8e3b0a63980b05694b1404b50381587043b3a7ab4a14a346198

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 23 Nov 2021 23:36:25 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "619d7af9-3f4d"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16205
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK simulador-de-corte-de-cabelo-300x169.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 15 KB
15 KB 158ms
158ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/simulador-de-corte-de-cabelo-300x169.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 709db08158376dc842c41c3125d7ebfd75085d4755929bbce7209e685a8731e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 23 Nov 2021 23:32:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "619d7a0e-3a7a"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14970
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK App-para-transformar-selfie-em-desenho-300x169.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 12 KB
13 KB 177ms
177ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/App-para-transformar-selfie-em-desenho-300x169.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 72cafe8b64bdc38c48073665e198d48b6715b561e5793eab39180c2a5db8193b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 23 Nov 2021 23:27:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "619d78fb-3126"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12582
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativos-para-transformar-foto-em-desenho-foto-2-297x300.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 29 KB
30 KB 158ms
158ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativos-para-transformar-foto-em-desenho-foto-2-297x300.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff7ff830995ee29fdc7b565b6f22fb8d6f57e793fd885a73f8057f66ec6c241e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Tue, 23 Nov 2021 23:23:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "619d77d9-75cc"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30156
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativo-para-rejuvenescer-300x157.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 11 KB
11 KB 160ms
160ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativo-para-rejuvenescer-300x157.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f5a6757cf1f347a9d7deac583f51c5792b431ebc16d7c83ca030197a80651715

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Wed, 17 Nov 2021 12:16:18 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6194f292-2ad1"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10961
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H/1.1 200
OK Aplicativo-de-teste-de-gravidez-300x169.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/ 13 KB
13 KB 172ms
172ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/11/Aplicativo-de-teste-de-gravidez-300x169.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9dc88625e94e3961af4c144d8cbfb45f703b3d812c28a6b3ded970709204b0bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 00:52:48 GMT
Last-Modified: Wed, 17 Nov 2021 12:11:07 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6194f15b-3333"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13107
Expires: Thu, 01 Dec 2022 00:52:48 GMT

GET
H3 200 pubads_impl_2021113001.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 39ms
24ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119680
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
114 B 30ms
15ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=plantaocredito.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

21d2f5dffdff788f23ef5781f9088fd4d1429a8437ea12b951b8a584e466464b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H3 200 941963593069024 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 133ms
124ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/941963593069024?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e38ca129c53b94dab5eb23c74ad92f91d95ea0b536c44e27ea232741c5e1d588

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: wZE97DWN0haXw4iaWLHBQnaImqYX+bhVYNvpSh3S3Q01S9P0lohud7XgYKjbkO74Ze3Ec/qusmpiP+LjrU6YBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 00:52:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 273 KB
99 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8519566401851236&plah=plantaocredito.xyz&bust=31063851

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8519566401851236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

574ad33ccf9091fe607e9cdc0a691c384517f532fb7917c1c079ef9b24cde2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100883
x-xss-protection: 0
server: cafe
etag: 2247957372737753211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame 0CFF 11 KB
5 KB 36ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8519566401851236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Dec 2021 21:23:19 GMT
expires: Sun, 19 Dec 2021 21:23:19 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 12568
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201994943-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4664
date: Sun, 05 Dec 2021 23:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 01:35:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 29ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941963593069024&ev=PageView&dl=https%3A%2F%2Fplantaocredito.xyz%2F&rl=&if=false&ts=1638751967328&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638751967327.2084160494&it=1638751967156&coo=false&rqm=GET

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 06 Dec 2021 00:52:47 GMT

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=941963593069024&ev=ViewContent&dl=https%3A%2F%2Fplantaocredito.xyz%2F&rl=&if=false&ts=1638751967331&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.163875196732...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fplantaocredito.xyz%2F&ec=1&ev=ViewContent&fbp=fb.1.1638751967327.2084160494&id=941963593069024&if=false&it=1638751967156&o=30&r=stable&redire...

44 B
91 B

17ms
7ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fplantaocredito.xyz%2F&ec=1&ev=ViewContent&fbp=fb.1.1638751967327.2084160494&id=941963593069024&if=false&it=1638751967156&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1638751967331&v=2.9.48

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 00:52:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:47 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fplantaocredito.xyz%2F&ec=1&ev=ViewContent&fbp=fb.1.1638751967327.2084160494&id=941963593069024&if=false&it=1638751967156&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1638751967331&v=2.9.48
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1605014380&t=pageview&_s=1&dl=https%3A%2F%2Fplantaocredito.xyz%2F&ul=en-us&de=UTF-8&dt=Inicio%20-%20Plant%C3%A3o%20Cr%C3%A9dito&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=393251362&gjid=1903480946&cid=1042707922.1638751967&tid=UA-201994943-1&_gid=1474080406.1638751967&_r=1&gtm=2ouc10&z=1453496528

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://plantaocredito.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
452 B 31ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=plantaocredito.xyz&callback=_gfp_s_&client=ca-pub-8519566401851236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8519566401851236&plah=plantaocredito.xyz&bust=31063851

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f29a5fbeb31ea46d54703d1d32246172311ec91e50c2d307333e355e146ca15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 61ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 55ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27A2 214 KB
45 KB 505ms
489ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&adk=1812271804&adf=3025194257&lmt=1638751967&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplantaocredito.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751967172&bpp=3&bdt=1603&idt=218&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6115760660895&frm=20&pv=2&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68785dfabb0608ea3368cf65bdd39a06290651bf97e570d322f607fc240832bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Dec 2021 00:52:48 GMT
server: cafe
content-length: 46437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 06 Dec 2021 00:52:48 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-201994943-1&cid=1042707922.1638751967&jid=393251362&gjid=1903480946&_gid=1474080406.1638751967&_u=YEBAAUAAAAAAAC~&z=803374227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://plantaocredito.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Dec 2021 00:52:48 GMT
content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 65ms
41ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-201994943-1&cid=1042707922.1638751967&jid=393251362&_u=YEBAAUAAAAAAAC~&z=164430767

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 44ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-201994943-1&cid=1042707922.1638751967&jid=393251362&_u=YEBAAUAAAAAAAC~&z=164430767

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1836 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://plantaocredito.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 06 Dec 2021 00:52:48 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 44ms
15ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA2-C1
cf-ray: 6b91889bae574aaf-FRA
x-amz-cf-id: 06Md-IKTiQmqlYnrakoRyzILa1BcM4MfCimr4L-oRvVhelV01Nj8tw==

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 148 KB
53 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/reactive_library_fy2019.js?bust=31063851

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d141e0d8a4655b103043956944298a32f2ad3eeddba3e291c1acdfd42c3efc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53779
x-xss-protection: 0
server: cafe
etag: 12394961034025925676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame 4C38 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Dec 2021 21:27:26 GMT
expires: Sun, 19 Dec 2021 21:27:26 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 12322
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame 5C1A 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Dec 2021 21:27:26 GMT
expires: Sun, 19 Dec 2021 21:27:26 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 12322
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
375 B 174ms
165ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=26974550&u=https%3A%2F%2Fplantaocredito.xyz%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: f9570e7090824a0a863b53a8feaac80124cc345489aa8c70adbcc760dbefccca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 6b91889c5ee54aaf-FRA

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8519566401851236

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ffb7d51c9cf2332a08a1e84d2f1a690a614154ab3bae39585aac87e8348adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51223
x-xss-protection: 0
server: cafe
etag: 11313849755976121785
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CE0 17 KB
10 KB 625ms
625ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c1358b4aac75e9421734e818908d2cfd0ab7844b60925a574f3e3173f9b84bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Dec 2021 00:52:49 GMT
server: cafe
content-length: 9748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 06 Dec 2021 00:52:49 GMT
cache-control: private

GET
H3 200 css2
fonts.googleapis.com/ Frame 4C38 4 KB
634 B 69ms
52ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4C38 205 B
744 B 35ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:34:25 GMT
x-content-type-options: nosniff
age: 213503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Dec 2022 13:34:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4C38 604 B
695 B 35ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 18:14:09 GMT
x-content-type-options: nosniff
age: 23919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Dec 2022 18:14:09 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 4C38 19 KB
8 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8210
x-xss-protection: 0
server: cafe
etag: 6499249944067270656
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 23:46:17 GMT

GET
H2 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 5C1A 7 KB
4 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 16:21:31 GMT

GET
H2 200 1fbe479ac890063fc5be4921f3467642.js Show response
www.gstatic.com/mysidia/ Frame 5C1A 8 KB
4 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fbe479ac890063fc5be4921f3467642.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3713
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 16:21:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5C1A 3 KB
579 B 27ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:36:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 5C1A 1 KB
959 B 39ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:51:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 5C1A 19 KB
8 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:37:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 5C1A 2 KB
1 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C1A 119 KB
37 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 5C1A 15 KB
6 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:35:57 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 5C1A 27 KB
11 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 16:21:31 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4069321984588895690/ Frame 5C1A 2 KB
2 KB 24ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4069321984588895690/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00f28f80ba5f002fc08a4b78a2b9c2df70b26e14ddc704c5349fb4d65f47047d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:30:07 GMT
x-content-type-options: nosniff
age: 436961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2305
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 10:20:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 23:30:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C1A 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cza6G316tYaX6PNeC7_UPmdK5KOfAlvZm6I6Sg4YP6pT7kJQOEAEgu8zMhwFglfrwgYwHoAHq5LuMA8gBAakCA_aBFkn6sj6oAwGqBNwBT9B3IW9pPXPMXlMUDfl16m6Yd4dpZ-snNTt3tPx0CHeV00jUmCa9GTheDfERFa_xryt4j4d6oLJGn1vgUFR6FAED2wcMkV_RgyBosk1AeZg91skdU4V07p7-JtU-O13AKDZmC52ECW6IImblD0lhT4dRd5y8nkjDHZYiIskwkHn0fuoHCvWaUGQKKGK7kBR27bxM2vt5-H5LcIo4_nTPoFn8NeJkIKAZoRAPM5hbPQg9QVzR3urmEnI3jrruAGltvOWHEOGdzFYwG-X8I_vPNHVMI5B-sekDrnAJCsAEsuOs1ukDkgUECAQYAZIFBAgFGASAB_6axHOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCGkR_SCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODUxOTU2NjQwMTg1MTIzNhgA&sigh=lilODxTTk-I&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 06 Dec 2021 00:52:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 24EC 143 B
163 B 11ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 06 Dec 2021 00:02:17 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 3168 3 KB
579 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:38:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 3168 1 KB
880 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:51:09 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 3168 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:37:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 3168 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:48:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3168 119 KB
36 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 00:52:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 3168 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:35:57 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 3168 27 KB
11 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 16:21:31 GMT

GET
DATA 200
OK truncated
/ Frame 5C1A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6860fe76c8d331b66bbd79b423dd26dc563e989947f6e94d23157eed026f1730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
362 B 467ms
413ms Script
text/javascript 2606:4700::6812:10c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=26974550&prismid=1dd65060-748d-4d64-ab78-b7586ae3170e&url=https%3A%2F%2Fplantaocredito.xyz%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:10c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 6b91889df9650e1e-MXP
content-length: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A004 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 06 Dec 2021 00:02:17 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 24EC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

25ms
25ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 06 Dec 2021 00:52:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 06 Dec 2021 00:52:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 06 Dec 2021 00:52:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A004
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

41ms
41ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 06 Dec 2021 00:52:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 06 Dec 2021 00:52:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 06 Dec 2021 00:52:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CE0 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CeP3iUx1P-CXkdQWk4jugHJhUx8Gpc3XqCnjN9t0RHjNMHxVz4VnyQf6-2ctcUbqxHl8yVk-viVXWB4dBJB_oScWVIlNr2wi8TGc3ZOLB3DJz9HpM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 6CE0 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:48:58 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 6CE0 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:35:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6CE0 0
0 17ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt48d1sQE14u24Eg2TjuqiiHBRQ3h-K5uJaIiwEziUzVbb_vd3y0KtCPduMAheMN6uFfDN_gRP3_lvo2jIHs0yOfCTAA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CE0 119 KB
36 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2700 624 B
297 B 20ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiqhuy8ATAB&v=APEucNVhKtbYhY59xgbTmcaBEa7DABV_fvBxJah2ol9h-O8WyDv1I2H67YltMS_pcmnSxBWvH2OmaRoRGDyvBbo2dTGAu7cQFz1hx2KFxjEfNpa-wg66vsW1Xu-t4OwKgmdWhPg5EX1R-_NItuEqKEY8p3XjSm8lT3CWm8hiI1r1q8e-SEnsPzE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 06 Dec 2021 00:52:49 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6CE0 77 KB
31 KB 101ms
98ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCmL-GmIVIwu95oh7wDpmM__ZBeLCOkfgrbudcBLkaqGRZjQDyHFtXbs10V6h4t62RuwwTRYzdbJ33bWyPNOuokPqmQUDsWybb6Gxp5NfoBVWOBJaf95PbH9To3_SYKpF8Iij85R1EVm1bXA_8jEhmglvh_A&dbm_d=AKAmf-AL8qyImwJChOl-11JgfBq-5mORfUlnj5INnMIxH-I2JzhduxMv89fFZEMo4yRmDRw246nHDpnzKRZ5pqHOq9Zm4AwfjBiiGe1lw6QV3EKtwjifIm_Ic-TitlVCpUb481xa-eErvfjVaLf2bYHTqQYCxCnyOZLpP9OO4XXe1-PFdf_6JnApAsxAmTRzTfNVx1RdglINVMnJCFpXc4kEXXJ-mRj8bHgh-LLl4dNq3_9UDsI4slOAMKsUZcVI2iNpZ8MaRnljggjnDUlJRcUKqqHZhimxYsE29kmTfL-BXKoyEIZYOqpCk7L-3tGo1MuhHq0fHA0L1Fkzhl5J98_JK9-8uepsVeHWbHzFVP7eUagTI_vaDHEqYH8Apyr_G6Xc-3p6Axkao0jQKI7sD_px1CV1qdh9BWXNN7HX9XOORWmULCZNriuRE7v6n_XFJSbiktzvAwK8u39Gbbu7J1g55NKGqixrvFUpUcDixQABNQiDYOmXn2xXIDKP_u-Ajc0QLfppPAPTiYdMJVebapDYXW1tewxhuCcTY8ChRmzYebtA3JYspa41K_e20_ohbJzg42ZfTgPkCLZLJeF302JsH7ERC_UcBcdMYwIMesUx1ME7oj_fLaR8vuGJWZMEjqXE-JqjiDJnaUz30YVH6ux3pNGZyOTj1S5t__fAduhai9O73iiFituk5LrwTMdnueAV22Hy_WBsIHi3k7iNWTD2ZmTnLblKFT_KlSBUMboNtMqUmxaAIIGBIe91DsZyUlW3uhiQL57D1iibgbA7d-ESkhREnSZ37FJcgUzyYXIz_gZBzME91ybR6uDEFwphN-VR6UNWQJuBW9kGDua76yx2aJwHqidCJuaPQ4VAJPCic3YC5LNmdfjFUXA6TERgk6X6RPdYKxmae86-d9qcsFqBlwzAB2z8yyBpPab4WgfTc_LNp5KJH2YRjaMiYq3kWK2I2vFcm0HaAY70JdXqpw1YuwolF-80-tiEoqAngsroYdQHmWnxqbFIxIUQKC58DFrHfBub79Qp1rlTK6KfcnLfwnpvSJjCGHLmd_E95ul-pg1N-5yAOqoXPjctDQEDkWn9LfMj97Pa3OMptfCqFFBODZnUf6-2bdJ0arv7d9XV76IgegGT9o1zOB_Z3mX7BdWKk76g5BmTvvXYdKiMhWS7AMFwRXmWfeFLHygQ1HgaHnQ5muF5iESoXUFU7NBvkG6NFLbomqZHsMlV_fTFk2CbcONMOTQdLyMNqeMxyyEyz0LNdJNMVE-_i9nW0U0KmGoPEG2KVnE3P-Lyb3PjKsCdxmKag-mVrt19k8gJXDHJqNkUpVpF_vQeYwQn9gFQShOVOEPt5pbGp9DP7cB9_EWj5EGlwTmJzvQKa4ylWZhO4k_AM9GEFAQ4mPBnR6nuaUJ9xCZxcYbIqs2DKOHRf9-amigbv8yBU-ZquOBfcl66iSWqjKwKs1Y399Uv8ZGHy7FJXuuVkXbm9bUULERoRtgQFeqVMh4Y6_WDooUNB-hTLtYQHcsrwZH09siVjdjQUKYTxVnSVqLcfPLoOPpuKAHFwn4ors7dhj4yuahb2xcD1FbA09OcIGRwdVaEB5gn8YeEYO-mR1nD3ZsSFyckFBrPI4Ao06YuMhe1IePqvoRF_ECOwyteK3LQgycmfpBQRKTGw2_1h2tfZ7QODU3aP5A0iXYyM4QC08hZ0UipeT_XCIjarZUdnvGk5z9eOlhYvKtJL_5XN-qnA8IUFe1e0QNA_1QZnvX2P5QYUiPL4IL5JF-HH2cHCFjijCY0a3hUtxZxTzyokRQh4H3uH4hriHZbcvPk0epLAz4Xxd2ByPCCbQScmJjdNgy1CmOspE14u8mfTYe_ENO2FlvPW1SoMEcRvlF-PwQc15xNyA8_Ec1yAV9UYD5-LQO9axpdMDzRzsLhCGtZGmOBQLpNhGZzrpK755y5DIcDl1iO3S7QWOPDSAybnvwY2tFSP4X5yQP1f9fVKJGZ0_QkLDjUiMHNJ9BdHCg45xjpaAmmxKz96vVKhNpzCJJAotcusl6bJP2cwALdKl88m78QxrzeqVsiKNd4D8d_CYCip3psie60xvEb8-hpXdM36HgUaAIxS3IeHQLG7Ak07kdoHdWljuPpyB3SKT-hSNi9P7OUobPMVTjPNwxCkpAoOzF9RYU-7yOKwAK_OGRCR9YXQg9qp0nl08qHMdwSeF9mVMHkOHW_jwgBKmKULufSCHGC4tNO9YphORlSrtvaN3fgmx5k2Q3UiS5EaLZVQwv1uHERSPd25ClMs6dSGcA3-qeB6wqBF0KYo3ycxA3OXdY3mn0dG353POca8hBoc3kg2V8kVpIgTImKK5wAcSK3zp7mXtf69okmqcnqMIgwj08YeirPOi2i_MRIVgZXiFggyd4wVq5mJXWpy94-959GH7rSbog7_zDxJh9qDYgnoteFtLm00F31Im-9ikK4F-UE-4ENY1CNJdsecev70os5NpoM0mRnNrlvcvRmkas341gob9UnOxyWfY3WllSqCCZ7IBwOGq1WAJj-ou6G8m6_gFZyS-NUhNpEamRNmmduZeT1Ay_yCt7juE_xZ4at2IM3rPr1hV5zrvy6kTWwmiMBaPNOFLGyOPtpmwnJOnDuWd1wgbzYuE2dyQT0M-pSIUrXCZeuQi48weNiGZKBG2Nt-BXGD9y_rsY2K_HZbqk3lDaBBM5YAW6wYN50seO6YNwWaq7TgCFskDOng9axkHURdGM_QcSTRgvGlTQsTqPDYeO_KPXSnAJvc1Vkab5fZFgKK_Bqc8LU9EpAwgbbI0M9X28ngF-VW8CGFckoiBfN3phZwd3JvKyokgHvCzv_h5go9gU3mZURMK-nBDFm58wX1klzGpnFFluaGU8lu6LIwmejq7kVpEw1i3mbHHnRyUnvBcJLKIxqqzS6t4pKKGEzL8vxK7J4cho61xjMQBzSQVcKOyqGBg6Cxa1F8qbgGg---uGOQcOIY-hK_ZMka6yEr0qbdtmvjiI96DNW7h-R5vq_XiAtA5-14HLQyesn12TyuGc9aYs4aWsHAIJqW68KBB9152dLBUygUlYl4aQv1cuS1duH71DDyfECB2INnsbFa0b4sfg8hCNHWUuEDKBrA4QJ5DeE5q9LenEmt8Pf1DV9H6IfSJqp4AsMlND-OA51Y9-GlMxlg0GAfkzGi-JQmuOhfvJKqvzq_by4Yxqb9du-dk7oAP7QKSlW-V5VBvpjmd5EznRpXRRt-Ra1JRW6_9uizHwT_si_BGlGazbir--DoYlqk50s2sPgYpQ0QY0WyA&cid=CAASEuRos9wwPG-Z8EBeDqfHth4lmA&rfl=1%2Chttps%253A%252F%252Fplantaocredito.xyz%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d64632cb473ea08882673727c1b95ca3a2e040323b57206859fbc9195c0989fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31460
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2700
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1&C=1

43 B
1014 B

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiqhuy8ATAB&v=APEucNVhKtbYhY59xgbTmcaBEa7DABV_fvBxJah2ol9h-O8WyDv1I2H67YltMS_pcmnSxBWvH2OmaRoRGDyvBbo2dTGAu7cQFz1hx2KFxjEfNpa-wg66vsW1Xu-t4OwKgmdWhPg5EX1R-_NItuEqKEY8p3XjSm8lT3CWm8hiI1r1q8e-SEnsPzE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 00:52:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Dec 2021 00:52:49 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 00:52:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2700
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya1e4TMmbDJC8zg5JFltDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1

43 B
894 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiqhuy8ATAB&v=APEucNVhKtbYhY59xgbTmcaBEa7DABV_fvBxJah2ol9h-O8WyDv1I2H67YltMS_pcmnSxBWvH2OmaRoRGDyvBbo2dTGAu7cQFz1hx2KFxjEfNpa-wg66vsW1Xu-t4OwKgmdWhPg5EX1R-_NItuEqKEY8p3XjSm8lT3CWm8hiI1r1q8e-SEnsPzE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 00:52:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Dec 2021 00:52:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwrhBB7EYhNwiPaQ3KVTGk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2700
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIWcdnd82DLTkPzyxYO3f78&google_cver=1

43 B
1004 B

33ms
14ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIWcdnd82DLTkPzyxYO3f78&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiqhuy8ATAB&v=APEucNVhKtbYhY59xgbTmcaBEa7DABV_fvBxJah2ol9h-O8WyDv1I2H67YltMS_pcmnSxBWvH2OmaRoRGDyvBbo2dTGAu7cQFz1hx2KFxjEfNpa-wg66vsW1Xu-t4OwKgmdWhPg5EX1R-_NItuEqKEY8p3XjSm8lT3CWm8hiI1r1q8e-SEnsPzE

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 00:52:49 GMT
X-Proxy-Origin: 194.36.108.19; 194.36.108.19; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0a87951c-564d-4888-982f-43a46b083190
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIWcdnd82DLTkPzyxYO3f78&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2700
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MjMyMDM5OTA5MzkzMzExOQ%3D%3D

170 B
188 B

32ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MjMyMDM5OTA5MzkzMzExOQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 00:52:49 GMT
X-Proxy-Origin: 194.36.108.19; 194.36.108.19; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 169456ce-2962-4353-a833-17b267b825f8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MjMyMDM5OTA5MzkzMzExOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_obb_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 6CE0 169 KB
59 KB 52ms
9ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

406b4457b753e6582999535eb520f2e7994a3dacab6b1650fe4c99010f46597a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 20:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60223
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 20:07:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 6CE0 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCmL-GmIVIwu95oh7wDpmM__ZBeLCOkfgrbudcBLkaqGRZjQDyHFtXbs10V6h4t62RuwwTRYzdbJ33bWyPNOuokPqmQUDsWybb6Gxp5NfoBVWOBJaf95PbH9To3_SYKpF8Iij85R1EVm1bXA_8jEhmglvh_A&dbm_d=AKAmf-AL8qyImwJChOl-11JgfBq-5mORfUlnj5INnMIxH-I2JzhduxMv89fFZEMo4yRmDRw246nHDpnzKRZ5pqHOq9Zm4AwfjBiiGe1lw6QV3EKtwjifIm_Ic-TitlVCpUb481xa-eErvfjVaLf2bYHTqQYCxCnyOZLpP9OO4XXe1-PFdf_6JnApAsxAmTRzTfNVx1RdglINVMnJCFpXc4kEXXJ-mRj8bHgh-LLl4dNq3_9UDsI4slOAMKsUZcVI2iNpZ8MaRnljggjnDUlJRcUKqqHZhimxYsE29kmTfL-BXKoyEIZYOqpCk7L-3tGo1MuhHq0fHA0L1Fkzhl5J98_JK9-8uepsVeHWbHzFVP7eUagTI_vaDHEqYH8Apyr_G6Xc-3p6Axkao0jQKI7sD_px1CV1qdh9BWXNN7HX9XOORWmULCZNriuRE7v6n_XFJSbiktzvAwK8u39Gbbu7J1g55NKGqixrvFUpUcDixQABNQiDYOmXn2xXIDKP_u-Ajc0QLfppPAPTiYdMJVebapDYXW1tewxhuCcTY8ChRmzYebtA3JYspa41K_e20_ohbJzg42ZfTgPkCLZLJeF302JsH7ERC_UcBcdMYwIMesUx1ME7oj_fLaR8vuGJWZMEjqXE-JqjiDJnaUz30YVH6ux3pNGZyOTj1S5t__fAduhai9O73iiFituk5LrwTMdnueAV22Hy_WBsIHi3k7iNWTD2ZmTnLblKFT_KlSBUMboNtMqUmxaAIIGBIe91DsZyUlW3uhiQL57D1iibgbA7d-ESkhREnSZ37FJcgUzyYXIz_gZBzME91ybR6uDEFwphN-VR6UNWQJuBW9kGDua76yx2aJwHqidCJuaPQ4VAJPCic3YC5LNmdfjFUXA6TERgk6X6RPdYKxmae86-d9qcsFqBlwzAB2z8yyBpPab4WgfTc_LNp5KJH2YRjaMiYq3kWK2I2vFcm0HaAY70JdXqpw1YuwolF-80-tiEoqAngsroYdQHmWnxqbFIxIUQKC58DFrHfBub79Qp1rlTK6KfcnLfwnpvSJjCGHLmd_E95ul-pg1N-5yAOqoXPjctDQEDkWn9LfMj97Pa3OMptfCqFFBODZnUf6-2bdJ0arv7d9XV76IgegGT9o1zOB_Z3mX7BdWKk76g5BmTvvXYdKiMhWS7AMFwRXmWfeFLHygQ1HgaHnQ5muF5iESoXUFU7NBvkG6NFLbomqZHsMlV_fTFk2CbcONMOTQdLyMNqeMxyyEyz0LNdJNMVE-_i9nW0U0KmGoPEG2KVnE3P-Lyb3PjKsCdxmKag-mVrt19k8gJXDHJqNkUpVpF_vQeYwQn9gFQShOVOEPt5pbGp9DP7cB9_EWj5EGlwTmJzvQKa4ylWZhO4k_AM9GEFAQ4mPBnR6nuaUJ9xCZxcYbIqs2DKOHRf9-amigbv8yBU-ZquOBfcl66iSWqjKwKs1Y399Uv8ZGHy7FJXuuVkXbm9bUULERoRtgQFeqVMh4Y6_WDooUNB-hTLtYQHcsrwZH09siVjdjQUKYTxVnSVqLcfPLoOPpuKAHFwn4ors7dhj4yuahb2xcD1FbA09OcIGRwdVaEB5gn8YeEYO-mR1nD3ZsSFyckFBrPI4Ao06YuMhe1IePqvoRF_ECOwyteK3LQgycmfpBQRKTGw2_1h2tfZ7QODU3aP5A0iXYyM4QC08hZ0UipeT_XCIjarZUdnvGk5z9eOlhYvKtJL_5XN-qnA8IUFe1e0QNA_1QZnvX2P5QYUiPL4IL5JF-HH2cHCFjijCY0a3hUtxZxTzyokRQh4H3uH4hriHZbcvPk0epLAz4Xxd2ByPCCbQScmJjdNgy1CmOspE14u8mfTYe_ENO2FlvPW1SoMEcRvlF-PwQc15xNyA8_Ec1yAV9UYD5-LQO9axpdMDzRzsLhCGtZGmOBQLpNhGZzrpK755y5DIcDl1iO3S7QWOPDSAybnvwY2tFSP4X5yQP1f9fVKJGZ0_QkLDjUiMHNJ9BdHCg45xjpaAmmxKz96vVKhNpzCJJAotcusl6bJP2cwALdKl88m78QxrzeqVsiKNd4D8d_CYCip3psie60xvEb8-hpXdM36HgUaAIxS3IeHQLG7Ak07kdoHdWljuPpyB3SKT-hSNi9P7OUobPMVTjPNwxCkpAoOzF9RYU-7yOKwAK_OGRCR9YXQg9qp0nl08qHMdwSeF9mVMHkOHW_jwgBKmKULufSCHGC4tNO9YphORlSrtvaN3fgmx5k2Q3UiS5EaLZVQwv1uHERSPd25ClMs6dSGcA3-qeB6wqBF0KYo3ycxA3OXdY3mn0dG353POca8hBoc3kg2V8kVpIgTImKK5wAcSK3zp7mXtf69okmqcnqMIgwj08YeirPOi2i_MRIVgZXiFggyd4wVq5mJXWpy94-959GH7rSbog7_zDxJh9qDYgnoteFtLm00F31Im-9ikK4F-UE-4ENY1CNJdsecev70os5NpoM0mRnNrlvcvRmkas341gob9UnOxyWfY3WllSqCCZ7IBwOGq1WAJj-ou6G8m6_gFZyS-NUhNpEamRNmmduZeT1Ay_yCt7juE_xZ4at2IM3rPr1hV5zrvy6kTWwmiMBaPNOFLGyOPtpmwnJOnDuWd1wgbzYuE2dyQT0M-pSIUrXCZeuQi48weNiGZKBG2Nt-BXGD9y_rsY2K_HZbqk3lDaBBM5YAW6wYN50seO6YNwWaq7TgCFskDOng9axkHURdGM_QcSTRgvGlTQsTqPDYeO_KPXSnAJvc1Vkab5fZFgKK_Bqc8LU9EpAwgbbI0M9X28ngF-VW8CGFckoiBfN3phZwd3JvKyokgHvCzv_h5go9gU3mZURMK-nBDFm58wX1klzGpnFFluaGU8lu6LIwmejq7kVpEw1i3mbHHnRyUnvBcJLKIxqqzS6t4pKKGEzL8vxK7J4cho61xjMQBzSQVcKOyqGBg6Cxa1F8qbgGg---uGOQcOIY-hK_ZMka6yEr0qbdtmvjiI96DNW7h-R5vq_XiAtA5-14HLQyesn12TyuGc9aYs4aWsHAIJqW68KBB9152dLBUygUlYl4aQv1cuS1duH71DDyfECB2INnsbFa0b4sfg8hCNHWUuEDKBrA4QJ5DeE5q9LenEmt8Pf1DV9H6IfSJqp4AsMlND-OA51Y9-GlMxlg0GAfkzGi-JQmuOhfvJKqvzq_by4Yxqb9du-dk7oAP7QKSlW-V5VBvpjmd5EznRpXRRt-Ra1JRW6_9uizHwT_si_BGlGazbir--DoYlqk50s2sPgYpQ0QY0WyA&cid=CAASEuRos9wwPG-Z8EBeDqfHth4lmA&rfl=1%2Chttps%253A%252F%252Fplantaocredito.xyz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:51:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 6CE0 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2d2472f310f3a4c880947f473b8de3e58662291206e24a5426ee2bd64684ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9494
x-xss-protection: 0
server: cafe
etag: 6798282995721486617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:35:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6CE0 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 13:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 04 Dec 2022 13:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 91D3 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Dec 2021 13:26:12 GMT
expires: Mon, 06 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41197
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6CE0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8bb032821c8f9b1c826bb1f72a32c3351b4d79bfde7eda18822ef9503bd5381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 249E 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 05 Dec 2021 13:10:52 GMT
expires: Mon, 05 Dec 2022 13:10:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15768295053150174721/ Frame A948 193 KB
38 KB 30ms
16ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e00ca72c38a4c2bd3e5dbbc2455457343737a1d3b4904975d43bdde3c012c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:49 GMT
expires: Tue, 06 Dec 2022 00:52:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Oct 2021 15:02:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6CE0 0
571 B 94ms
51ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuju2M1IBJpDY3d8B-w0nWO-h3AjNblG61JlYaObotKMb9nWEb3t7amwIQPnHGibRtaxMsWENOuo9gzGFJ8DdIVWldfLIquy-yc4VJ_XdkFMRaDxsAfHCbRdtMGi_1Fg0tQmJ6dpQVv2oAxZVLcbL3iyKalwGCdDHC2VCz_WyE98Xao1s9PBP4vhBOxnmjSDsnZ_dkKtPLUTeq2cxwVnKbszEDwMoS6UhR-1xs2KTk4pyTGMgQ5_P2u22O87ezTLoH9BoON3TrMfPjzNu-02ctU3Jku0oNwp5khHVsrsuMAcUHSXAwy2K7yqIARthVBFxKSYjGJVCOZ2XUPJTydKDLn_SJhwJDqGYxCxkqdH38zMBGy86KLirExCOdSS0uGqeEDN7xlPbuE0ySwdgiwvHQ90SmpR7kZiFmx5ZDH464T4XxwVO9ZEQC5XMqD4Pc8SMcrAJKyRcA3UxvYY8s1PC5wNfLqiHvhy5XrrXeydJ1bvT4SxaDOT74LQy5GDSX-UtDVQKlKb8Q_9bGIvMEGzqUTJwkBpWZ2sKlMmhnvEvrocXMDPJsIIVmR20K6b8sAv4fBt2E_M6rc9epZS9rzikNBsDwE25QOjHazALPsY87LphThSLn5Drgrp_3zCm1elZmTsWllCIuNvobgoE1Y3Pq4mQy01rgFiFSIAfxwmhOwL_XAVtS-J9hlrvZ0CPVIkWdTgYc4XXm5d6TAVknabbFpvMZOgSgFcCJzg1kU8GgzMUVGESKOlnzgaUS3RSnyGIoW29Eo01NjhRKwexoKwKnHgnfraYXBSGFyGsGheZZ-iTnRziCpkvNDfR7674FjuIeV4LSyvjwlpIbx3noY3OlARZBn0WWipSpmi19pUrMY7DzrnfgeyfbD3MHQXS3IQl99QTiZ8kfFzTdZSFEduCRujTSAELhl6O4lBLeRQWmFh5Hv2BuZTy1sII89EIZvQD4xHcnmvrkVp0raHBixxnEplsOcx74VcrP1bZ85sNy5HVwcgsstIWqAfclVPfZ6Qv5BWGFhJAqZ2cHnmLkOjz5hrijnW8TxRduOwQGnM1nySNL4TVSvRAmyx_3N5ut_Zk_g9kKgslV-yVM0Xj29HoHCRcdYYEXtDKHZMZRp1ZcJOAmIVaNenHGFhKKbBxS12twrcN84INal5nEwUdWrKWr7KZb8ju2uu-naK3EQFdmI1fehBPROG6_EM8cwcL09oZd6SElchOWRkqPmbfLQMOvDr3CwyS0qtQr2a_eTRYPt1KCkHV3gzAOkQUlphpWqh1lCWVU4khP4YSKRc6wpjWTdoeilQujQVknqzZg&sai=AMfl-YTHjfZt3bMwcBKZwDrwRfxGzusRa-K0FoHL-RMmO5C0YRnEerCh4uOZaQ8dY898ytI6SLnI6nu8xIz-IGXz9W-kNoIITwTs3nzgHWtiD9kYqpKSrTA1f4A0f1K8ZbUQ1FTnpZG6Xx5fgf0nTODEzdj8Juf7rWHrwd0tKqpK_to-JZUpvPN2zg&sig=Cg0ArKJSzE-7a0DOIw9HEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=80&cisv=r20211201.55409&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 06 Dec 2021 00:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91D3
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJuZJeDhXn2udbGTbQh5yyqObfJcSryj83n7aU...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWExZTRRQUFBSTVHYXdmeA&google_push=AYg5qPJuZJeDhXn2udbGTbQh5yyqObfJcSryj83n7aU_fQGqdp7JE9p1WCZkVbqOwKbreCda1ATqosFe72kudNMKjGX1ZcjVsLVI

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWExZTRRQUFBSTVHYXdmeA&google_push=AYg5qPJuZJeDhXn2udbGTbQh5yyqObfJcSryj83n7aU_fQGqdp7JE9p1WCZkVbqOwKbreCda1ATqosFe72kudNMKjGX1ZcjVsLVI

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWExZTRRQUFBSTVHYXdmeA&google_push=AYg5qPJuZJeDhXn2udbGTbQh5yyqObfJcSryj83n7aU_fQGqdp7JE9p1WCZkVbqOwKbreCda1ATqosFe72kudNMKjGX1ZcjVsLVI
Date: Mon, 06 Dec 2021 00:52:49 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91D3
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBtNqvcIJg1TH8TG0DMQJkk&google_cver=1&google_push=AYg5qPKhWKxBLInplOspkJqPFMs1JMzi-YzcQCxY6F84MKsZFp72bquUo2-LNOlNt5x1EM50OcNAcNOYW7gjmazhjzpZ0yIZmao3
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKhWKxBLInplOspkJqPFMs1JMzi-YzcQCxY6F84MKsZFp72bquUo2-LNOlNt5x1EM50OcNAcNOYW7gjmazhjzpZ0yIZmao3&google_hm=Q0FFU0VCdE5xdmNJSmcxV...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKhWKxBLInplOspkJqPFMs1JMzi-YzcQCxY6F84MKsZFp72bquUo2-LNOlNt5x1EM50OcNAcNOYW7gjmazhjzpZ0yIZmao3&google_hm=Q0FFU0VCdE5xdmNJSmcxVEg4VEcwRE1RSmtr

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 00:52:49 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKhWKxBLInplOspkJqPFMs1JMzi-YzcQCxY6F84MKsZFp72bquUo2-LNOlNt5x1EM50OcNAcNOYW7gjmazhjzpZ0yIZmao3&google_hm=Q0FFU0VCdE5xdmNJSmcxVEg4VEcwRE1RSmtr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91D3
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJgHfgt...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJgHfgt...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDYwMDUyNDkwMDA0MjYzMTUxNTgzOA%3D%3D&google_push=AYg5qPJgHfgtk3wxh5F2BXd-HYARNhMT9j-d4yptkGufIlCmFxiqlArk3vXBDoEDMwefxH...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDYwMDUyNDkwMDA0MjYzMTUxNTgzOA%3D%3D&google_push=AYg5qPJgHfgtk3wxh5F2BXd-HYARNhMT9j-d4yptkGufIlCmFxiqlArk3vXBDoEDMwefxHQf2heBFBnkk1sjiEevFqZ7pYQy_to

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDYwMDUyNDkwMDA0MjYzMTUxNTgzOA%3D%3D&google_push=AYg5qPJgHfgtk3wxh5F2BXd-HYARNhMT9j-d4yptkGufIlCmFxiqlArk3vXBDoEDMwefxHQf2heBFBnkk1sjiEevFqZ7pYQy_to
pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 06 Dec 2021 00:52:50 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 91D3 43 B
351 B 43ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDHb1d24K5x0Wb2Ngo5CCmM&google_cver=1&google_push=AYg5qPI_d_p3ckynAgH9nKqakIxJZtLyzegQfyyghkX1qG9gIVgA-C5cRF2n40t284by2QkX2NEOaKcHlk8jE-Kpaw5UCrZeFOJf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vluvgrb55c1q11sudjd6i6vbeqnnai88

GET

pixel
cm.g.doubleclick.net/ Frame 91D3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBReg...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 91D3 43 B
296 B 132ms
21ms Image
image/gif 2a05:d01c:1d8:8102:a212:76ab:db1a:a790
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBPl2K18R1N26xYDMzZ52vg&google_cver=1&google_push=AYg5qPJFNFnlp6VByYjXFrG4HMyvvooHWo_SERbCNuEUuMqysU7xXqovYPIPnb_EN5-GIbE_ioXZywZU7NmuBz7hfon2O3VJrGU0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=3610118697&pi=t.ma~as.4678813439&w=728&lmt=1638751968&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638751968138&bpp=1&bdt=2570&idt=1&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=6115760660895&frm=20&pv=1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063851&oid=2&pvsid=3865218929640579&pem=383&tmod=459562136&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RYa2YHMgle&p=https%3A//plantaocredito.xyz&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:a212:76ab:db1a:a790 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91D3
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBWPBt2GSyS_Li8PYCjeE6c&google_cver=1&google_push=AYg5qPI64wnegs9h3W7X2epI...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI64wnegs9h3W7X2epIeEx4wakSVQtkYXzxjhkpCFNsIK0OjNeIOZDevZYBvW49S2g7SxguT1HREBUKJiFuTaxrm8Gdcmlv1A&google_hm=

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI64wnegs9h3W7X2epIeEx4wakSVQtkYXzxjhkpCFNsIK0OjNeIOZDevZYBvW49S2g7SxguT1HREBUKJiFuTaxrm8Gdcmlv1A&google_hm=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:49 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI64wnegs9h3W7X2epIeEx4wakSVQtkYXzxjhkpCFNsIK0OjNeIOZDevZYBvW49S2g7SxguT1HREBUKJiFuTaxrm8Gdcmlv1A&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 05 Dec 2021 00:52:49 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 91D3 0
12 B 14ms
14ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnyslCmFfuV7nI87zT8d3hIKxO2fSNU9wZbcCyy5ks9pjr9uEWhhNPJ6YLJ-OgRmcMG1f6jg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 249E 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 19:45:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A948 5 KB
660 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1be93958af6816f513607e8a7c1791b5d33d87c6aaa0378edaa687de4282db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:45:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A948 118 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 15:50:37 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame A948 44 KB
44 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:57:38 GMT
x-content-type-options: nosniff
age: 377711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:57:38 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6CE0 0
23 B 60ms
45ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuju2M1IBJpDY3d8B-w0nWO-h3AjNblG61JlYaObotKMb9nWEb3t7amwIQPnHGibRtaxMsWENOuo9gzGFJ8DdIVWldfLIquy-yc4VJ_XdkFMRaDxsAfHCbRdtMGi_1Fg0tQmJ6dpQVv2oAxZVLcbL3iyKalwGCdDHC2VCz_WyE98Xao1s9PBP4vhBOxnmjSDsnZ_dkKtPLUTeq2cxwVnKbszEDwMoS6UhR-1xs2KTk4pyTGMgQ5_P2u22O87ezTLoH9BoON3TrMfPjzNu-02ctU3Jku0oNwp5khHVsrsuMAcUHSXAwy2K7yqIARthVBFxKSYjGJVCOZ2XUPJTydKDLn_SJhwJDqGYxCxkqdH38zMBGy86KLirExCOdSS0uGqeEDN7xlPbuE0ySwdgiwvHQ90SmpR7kZiFmx5ZDH464T4XxwVO9ZEQC5XMqD4Pc8SMcrAJKyRcA3UxvYY8s1PC5wNfLqiHvhy5XrrXeydJ1bvT4SxaDOT74LQy5GDSX-UtDVQKlKb8Q_9bGIvMEGzqUTJwkBpWZ2sKlMmhnvEvrocXMDPJsIIVmR20K6b8sAv4fBt2E_M6rc9epZS9rzikNBsDwE25QOjHazALPsY87LphThSLn5Drgrp_3zCm1elZmTsWllCIuNvobgoE1Y3Pq4mQy01rgFiFSIAfxwmhOwL_XAVtS-J9hlrvZ0CPVIkWdTgYc4XXm5d6TAVknabbFpvMZOgSgFcCJzg1kU8GgzMUVGESKOlnzgaUS3RSnyGIoW29Eo01NjhRKwexoKwKnHgnfraYXBSGFyGsGheZZ-iTnRziCpkvNDfR7674FjuIeV4LSyvjwlpIbx3noY3OlARZBn0WWipSpmi19pUrMY7DzrnfgeyfbD3MHQXS3IQl99QTiZ8kfFzTdZSFEduCRujTSAELhl6O4lBLeRQWmFh5Hv2BuZTy1sII89EIZvQD4xHcnmvrkVp0raHBixxnEplsOcx74VcrP1bZ85sNy5HVwcgsstIWqAfclVPfZ6Qv5BWGFhJAqZ2cHnmLkOjz5hrijnW8TxRduOwQGnM1nySNL4TVSvRAmyx_3N5ut_Zk_g9kKgslV-yVM0Xj29HoHCRcdYYEXtDKHZMZRp1ZcJOAmIVaNenHGFhKKbBxS12twrcN84INal5nEwUdWrKWr7KZb8ju2uu-naK3EQFdmI1fehBPROG6_EM8cwcL09oZd6SElchOWRkqPmbfLQMOvDr3CwyS0qtQr2a_eTRYPt1KCkHV3gzAOkQUlphpWqh1lCWVU4khP4YSKRc6wpjWTdoeilQujQVknqzZg&sai=AMfl-YTHjfZt3bMwcBKZwDrwRfxGzusRa-K0FoHL-RMmO5C0YRnEerCh4uOZaQ8dY898ytI6SLnI6nu8xIz-IGXz9W-kNoIITwTs3nzgHWtiD9kYqpKSrTA1f4A0f1K8ZbUQ1FTnpZG6Xx5fgf0nTODEzdj8Juf7rWHrwd0tKqpK_to-JZUpvPN2zg&sig=Cg0ArKJSzE-7a0DOIw9HEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=246&vt=11&dtpt=159&dett=3&cstd=80&cisv=r20211201.55409&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6CE0 6 KB
4 KB 34ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

351537fb41944b499ea0793eda78d1fa59643abc4c59784ff9ca9088a2b45810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4430
x-xss-protection: 0

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.1/ 20 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 16:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6586
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Thu, 01 Dec 2022 16:13:48 GMT

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.3.1/ 35 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-analytics.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 06:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10746
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 03 Dec 2022 06:52:37 GMT

GET
H3 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.3.1/ 173 KB
56 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-auth.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56866
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Thu, 01 Dec 2022 05:33:33 GMT

GET
H3 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/8.3.1/ 320 KB
320 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-firestore.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:34:30 GMT
x-content-type-options: nosniff
age: 436699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327420
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 30 Nov 2022 23:34:30 GMT

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.1/ 40 KB
11 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-messaging.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 11:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10884
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Thu, 01 Dec 2022 11:29:05 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
26 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/ads1725.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22345199e9b67bd30fa151488e170bd46ccf396f98da9250df55d4ac669f5551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1064 / 584 of 1000 / last-modified: 1638572869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26975
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bcbefe9c4c9ec1388e336c208b26e8934663f4437b34613823af38a23ef63e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8633
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A948 6 KB
4 KB 18ms
16ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bc11128d77ceff588b66df87cf0058ac521808a00dd010ad7de61ad1fe98982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4557
x-xss-protection: 0

GET
H3 200 60022945_20211008065655514_vodafone.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame A948 8 KB
8 KB 33ms
32ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20211008065655514_vodafone.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29b40a9ea62e073fd394c6e8ce72df34b0bdeb88df7bf38df25eae257f5c7d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8268
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 13:56:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 00:52:49 GMT

GET
H3 200 60022945_20211004090929332_stoerer_01.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame A948 3 KB
3 KB 26ms
24ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20211004090929332_stoerer_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f281334eea58ea165cfc8d93d6b4fa8ec4d6481c1b023d6ab6cb276d6011c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3444
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 16:09:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 00:52:49 GMT

GET
H3 200 60022945_20210928073923528_stoerer_02.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame A948 10 KB
10 KB 26ms
24ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20210928073923528_stoerer_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c655db6db19d869c8373231c69398ac48d23a23d0c85690d646567376e6779b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9739
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 14:39:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 00:52:49 GMT

GET
H3 200 60022945_20210928073901570_logoleiste_blau.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame A948 11 KB
11 KB 25ms
24ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20210928073901570_logoleiste_blau.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7569ae7074ad83959c96c65c02d5994d2795b5cf90f3a933e2e110736123bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11006
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 14:39:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 00:52:49 GMT

GET
H3 200 60022945_20210928073927147_visual_01.png
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame A948 18 KB
18 KB 34ms
33ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20210928073927147_visual_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c5c164d279626cbb73a85245a80b3719315c089db777ad1caf12b49f692d100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18019
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 14:39:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 00:52:49 GMT

GET
H3 200 60022945_20210928073930495_hintergrund_gruen.jpg
s0.2mdn.net/ads/richmedia/studio/60022945/ Frame A948 6 KB
6 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60022945/60022945_20210928073930495_hintergrund_gruen.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd92c663a55c68ef3affebda496d8e34b023c2342f8e9c5d695a417aa802735a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15768295053150174721/index.html?e=69&leftOffset=0&topOffset=0&c=mUBNjaoa8R&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6496
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 14:39:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 00:52:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A948 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6CE0 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 06 Dec 2021 00:52:49 GMT

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame A007 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 19:45:18 GMT

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4404 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 19:45:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3348 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 05 Dec 2021 22:10:37 GMT
expires: Mon, 05 Dec 2022 22:10:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D38 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a7a6b78b5482eccd6d9f91d654f003e572991764c71cdccfa3be781774d30ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mrDY+zP/Oy672lvbNOFMvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 06 Dec 2021 00:52:49 GMT
date: Mon, 06 Dec 2021 00:52:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mrDY+zP/Oy672lvbNOFMvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 249E 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpdsF4V6tYYCrGcj5-gbbm5rgDQAAAAA4AeAEAg&bg=!FBelF1PNAAaQHwIOkB87ACkAdvg8WtG6GAhe2LxQzKqi7kAsScvsNiDBscPjOUaCKbhvBJ5urt0vbwIAAAESUgAAAEFoAQeZAtt6Oqq8fhmxh6JpLp3yKq90HFEcvVVvEdWID8PW-j6URDZeMxOuZnpBXGYHUpiNJm6DfwCtqoO0lK8W7ExaM_f6jUo-xZbd9e-n-Kufsa-2BuaOQ3KhFjzD0sO95k5q9whgXT5koCykkbDQEI4yJQrDcWv57AJNrHJenzAX5KntVyH4V0gg6W6bv7ZmVICqRRMbhnm8KPuoRtasPlAxld1DwtzJCEaGhWVZctOvYAv6s9CEKy3Y0m--TD7wzsfHj60ZlyR_SN55Od6latNDUFI0IgZtdGn8eo-wytd3NUD2BDPL7fK6xAe9O2DCVYMbVlbGOf6QsXNsPToF-QMdZ5JTJXUfHfsa8GNp-ziUtwHATt-LI97WCJvGbOlWZRub9kYYHA04jAjcG3G9xcu8INHoNEJbVSWMYPilAZIYehmw9l93IE252zPcnBQL2pDCua_xFJBWCutGRg1DG6KWxPE_Mg-_u_NoPP692ORcqlf4VwesLMnuVjjbEQ9KfcC8hfkPwOGyhZxpNhOFep-T7xd2D4fTAh5H2ManIZdKzvKPBZVKYP-QZTmUGrA8n-qHz2bmZQQOh5pcSdymRP6Ytl3GtdDB9zto1bfhB1Etnpsqpih4FLObAnmwFYG_k13Cbm3AtseCWsoiiksIJWdwxCxOBu4FKTIhrN1Y1fYMvRh52F7M377NCgolq4yNn8IdOS1faHpZQ8qtSyR__d3Ktcl5ZDsybZq8sCYMv-HBBDzZPcJ-YApoNtdeioXJPMo26VOeeINgqFvxQ0Evev_2rUFyVehUF2BfwWkMNoc1IwgqcdDGP2TtM0ifRwiyGVm9BxNYwvHWdhjmGOEZPt2khRmgIB0rxSTOP5EQO_zHlHsIhOadtFNjPeLx6L58AOhKtqJ4UiWzhU0bS0L92PbfxrVa9lH306tvC1dPp_OR8l6rfpoJ1meMKIP4IuBdBAQVuSrhSGz1T10P4Ff_aQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D38 0
0 25ms
23ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=3865218929640579&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3348 35 KB
13 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 19:45:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C1A 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_6HCQ0qow6WKW2zjqH87SGa981B9uH5uGehoFYJh9_LYlYwVj8kreDrd030sAHwrV-DlzUYaq7VpP13xF_SfQMEfZ71iowA9ILnT7At8O00v3r0wCXA&sai=AMfl-YSTzMQ99lRmlVbU9nPw-CRJMmWQV2JfQDmMKu7qPHWOabMe04EqkFb5CPqLdmeI8tYFuxbZzK1n61Im&sig=Cg0ArKJSzHkqzKwVUmYUEAE&id=lidar2&mcvt=1007&p=0,0,124,1005&mtos=75,774,1007,1123,1133&tos=75,699,233,116,10&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638751968102&rpt=261&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3348 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-f4zhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=3865218929640579&bg=!MTKlMnbNAAaQHwIOkB87ACkAdvg8WqhkAZ9geC-hB2CAVaqcBWZPexVsujZu7Mf-DT7fiJf7Bm2y3QIAAACZUgAAAAloAQcKAHTr4iMq5RRNmDX2p-55Jm8UNaJLuOcZz4rbDMkV7OTIARTXo-5xJjC-e2QIzlKaXkwmRMAsAKz1kkBCftF_Ezlz6xCa95RrpSY2LNeEL1VIuYriqXjTTFbfQCtJVTy0soLpIApVMp4wvCVSyGwAiPOsf1Gf0JkC2lPye02NBn-wRwm4fY9chDboXAhfC-xjlvco2krl_eeTyRW-yyMViJ1R6Js0AC4DuO8rRd-E6lzsMd1IN1aajT8_G_43-7pgwuBqvFc4g98C8COiny3L65xWaENOt3i4Pk92L2yhvUwk5nAGdB7mU0BRK-YLOGLmao5iTFoOGepCB_d0_4ZGQWTLN91wnRpySJaaa6ypj3hmfDFijXIi_ASZZbCkSvWaZfB8JYQQx5Kt4k_DyUuoeoJ0vcjkdbDHFQkHJ62iD7rzcAz0MxkjPDS-I7nQDkNmSgXCyc_zptAleNNMGzQ2PZXwSUStyAfsltKfpvshGcg3TtrMqL4Jm27yTR6b5knN8-OB-S97B5n1o2mitMlO9eZPmkQNdVxMHgXmOXBYAaM3LWnou5MzTcO4LhHXEU2lR4EkqE6c_Skmpejrcram9SzyC8eNzv8iZLe-USEdbAnF5K4n5koSziPkPXJ5SQ4V5cnw0SsuW0q_tGUJeR4K__j2eCA4JNtTMMKrc3QdWwrjh37JWIMc57gjffDj3rq7gbcxYAangQgbKUQDXvFV-E4lUhqfWElU2KWyJX55hnXV47U3U4WmOEVwym_AoOnLmF0RqFNfey5Y29PxSvhdgwBFemFNL1U_O5Fe2zUJZBS3GkpfVXbg20ah6JMQJcXJ8-oCeXiHIQ9Xzpq_tFEC3o-ZKiOkcA6qf4G9ls-mTC5Vt9-K3tSnwjQeidLlxf970gGUfAk61tG-EG-MybrGNmW7h4oywDbAT-ifIG1Mzi14MAWV2OATVF6ysHYk_iKaLCgNG3NIIJuFhnCjGfIIKjpSqdXtnTJzLHVN-568GW_K4F4-XXHzZK8NmfN0iUqnBDOjbeB7N4YQs0MLHjFjrZ8JXOBlaTEgWXIhb0nS7aHs9YydOeE119QM02gE08LUbvJxxPY8onFQp_bhyxmcpTC65HWVW6bZB-XSEl37uu6MrJw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
31 KB 269ms
269ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3865218929640579&correlator=813408818129471&output=ldjh&impl=fif&eid=31063754%2C44752586&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=22088551542%3A22367029404%2Cplantaocredito.xyz%2CPlantaocredito_WEB_Interstitial_Content_20210901&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&didk=2034380535&cookie=ID%3D5d91280624245f75-22643e5f3ccc0038%3AT%3D1638751967%3ART%3D1638751967%3AS%3DALNI_MZ-4Ul4XH1iEETsFNCmyly7V_CCbg&bc=31&abxe=1&lmt=1638751969&dt=1638751969894&dlt=1638751965569&idt=1673&frm=20&biw=1600&bih=1200&oid=2&adks=2585661396&ucis=1&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fplantaocredito.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1042707922.1638751967&ga_sid=1638751967&ga_hid=1605014380&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

714f958f2a4eeea47c0667dee2839e5ecf44ff05d83dce11729b7c8f7f9f3793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31795
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6280 6 KB
4 KB 83ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Dec 2021 00:52:50 GMT
expires: Tue, 06 Dec 2022 00:52:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021113001.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 15ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021113001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

a28c298706a0383d4cc660fdbf6390198031c5b31640198d679fe9bed740769d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12899
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 00:52:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7K1FEGD034

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/ads1725.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b401491a373a0c6e82f0d3ae8c1d010860caf58ea15cd2857e399e018e1881f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62497
x-xss-protection: 0
expires: Mon, 06 Dec 2021 00:52:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-181670863-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201994943-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

122a5cd0709dce5ca9c9c28f6391907f9ce0015be9de0a57a3cd7849ccdb46f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36189
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 00:52:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1605014380&t=pageview&_s=1&dl=https%3A%2F%2Fplantaocredito.xyz%2F&ul=en-us&de=UTF-8&dt=Inicio%20-%20Plant%C3%A3o%20Cr%C3%A9dito&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1726500038&gjid=52438863&cid=1042707922.1638751967&tid=UA-181670863-2&_gid=1474080406.1638751967&_r=1&gtm=2ouc10&z=403108786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://plantaocredito.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181670863-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4667
date: Sun, 05 Dec 2021 23:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 01:35:03 GMT

GET
H3 200 container.html Show response
4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D228 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Dec 2021 00:52:50 GMT
expires: Tue, 06 Dec 2022 00:52:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CE0 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvczSwnE88yl74XKD8dt4ffvC0ZLST6AKvu7fO7_k_pVZCK6T05AKB1TrFciJ0cSBTNd7SGc0dw9NcNoYweL-6ppbAEodw9Q2YBw2qVhc2Gd8SIYELXkQ&sai=AMfl-YQ2t7WVYqXc-ymq3WxIbKTVWMssRRwKw-q3-z1dedAnVCyx2_RVUFYj0oiLdee_xxp6kZz6dY1rSLFk2mo-bgIbct0NuUS6H0YNbPEdqc1yCU6W6oEnMrIMPsY&sig=Cg0ArKJSzMXwWEeiWpcvEAE&cid=CAASEuRos9wwPG-Z8EBeDqfHth4lmA&id=lidar2&mcvt=1042&p=0,0,90,728&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2645007159&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638751968148&rpt=1022&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame D228 4 KB
634 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:42:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 19AE 6 KB
670 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:41:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 00:52:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 00:52:50 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 19AE 1 KB
881 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:51:09 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 19AE 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:37:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 19AE 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:48:58 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 19AE 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 00:35:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 19AE 0
0 17ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSslaxUQ5QqJoZeY5GdK0axQqEs11CChhF3jHe8rsZ5R_Uyiw2RkE-kvjLDQUiE8MPJU08e
Requested by: Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19AE 119 KB
36 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 00:52:50 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 19AE 27 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 16:21:31 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D228 205 B
229 B 9ms
9ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:34:25 GMT
x-content-type-options: nosniff
age: 213505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Dec 2022 13:34:25 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D228 604 B
628 B 10ms
9ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 18:14:09 GMT
x-content-type-options: nosniff
age: 23921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Dec 2022 18:14:09 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame D228 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
URL: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8210
x-xss-protection: 0
server: cafe
etag: 6499249944067270656
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 23:46:17 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7K1FEGD034&gtm=2oec10&_p=1605014380&sr=1600x1200&ul=en-us&cid=1042707922.1638751967&_s=1&dl=https%3A%2F%2Fplantaocredito.xyz%2F&dt=Inicio%20-%20Plant%C3%A3o%20Cr%C3%A9dito&sid=1638751970&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7K1FEGD034
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plantaocredito.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 00:52:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 script-push.js Show response
script.joinads.me/ 1 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:3033::6815:34e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/script-push.js
Requested by: Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:34e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 00:52:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194424
cf-polished: origSize=1468
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 12:59:37 GMT
server: cloudflare
etag: W/"6065c3b9-5bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrsqjIQVYiwZ%2FRXm8rX1X0H01KkStUNHEEPB0qb6FKpCm9f6weVuhJCrox%2BVOKgomZzciydc13%2BoA147M3VPATOBVNTon4wTgzGFI6Xq%2FbFCuw22WinQ0%2Bye1P3kZQVyP6zs5rkAvfdukKqlXrIWkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 6b9188af697d5a37-MXP
expires: Mon, 28 Nov 2022 18:52:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plantaocredito.xyz/	1970-01-20 01:22:07	Name: _fbp Value: fb.1.1638751967327.2084160494
.plantaocredito.xyz/	1970-01-19 23:13:58	Name: _gid Value: GA1.2.1474080406.1638751967
.plantaocredito.xyz/	1970-01-19 23:12:32	Name: _gat_gtag_UA_201994943_1 Value: 1
prism.app-us1.com/	1970-01-19 23:55:43	Name: prism_26974550 Value: 1dd65060-748d-4d64-ab78-b7586ae3170e
.plantaocredito.xyz/	1970-01-19 23:55:43	Name: prism_26974550 Value: 1dd65060-748d-4d64-ab78-b7586ae3170e
.doubleclick.net/	1970-01-19 23:12:35	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:34:07	Name: IDE Value: AHWqTUnoVtKJLPwCP5-9BTpiAEhbL0Tm9UXgH_L0Q6hRGI55BIBCX1MDYE8MBdP5dxw
.adnxs.com/	1970-01-20 01:22:07	Name: uuid2 Value: 5742320399093933119
.adnxs.com/	1970-01-20 01:22:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?euX'J_!]tbPl1M>e)ZlrFUfJ+tGXxoTKbLHdQQ:4R>Mt]t@JsYucR$cUOyyYBBG8%ObpRzqF1`ba4UBWwo
.casalemedia.com/	1970-01-20 01:22:07	Name: CMPS Value: 5209
.casalemedia.com/	1970-01-19 23:13:58	Name: CMST Value: Ya1e4WGtXuEA
.casalemedia.com/	1970-01-20 07:58:07	Name: CMRUM3 Value: 2d61ad5ee12760CAESEKwrhBB7EYhNwiPaQ3KVTGk
.agkn.com/	1970-01-20 07:58:07	Name: ab Value: 0001%3APf219cGhfN%2BbgOxtQ03d0UyUd5HufzLp
.agkn.com/	1970-01-20 07:58:07	Name: u Value: C\|0CEApQBthKUAbYQAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 07:58:07	Name: CMID Value: Ya1e4TMmbDJC8zg5JFltDQAA
.casalemedia.com/	1970-01-20 01:22:07	Name: CMPRO Value: 1131
.innovid.com/	1970-01-20 01:22:07	Name: uuid Value: 3e612c6f-b870-4a7b-ab95-14cecc79ac25-20211205 19:52:49
.e.dlx.addthis.com/	1970-01-20 08:42:46	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:42:46	Name: na_id Value: 2021120600524900042631515838
.addthis.com/	1970-01-20 08:42:46	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:42:46	Name: uid Value: 61ad5ee1080916ad
.addthis.com/	1970-01-20 08:42:46	Name: ouid Value: 61ad5ee10001540752268082ee84593b12de667709cd2d336cfa
.dlx.addthis.com/	1970-01-19 23:55:43	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:55:43	Name: na_sr Value: 20211206
.dlx.addthis.com/	1970-01-19 23:12:32	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:55:43	Name: na_sc_e Value: 0
.plantaocredito.xyz/	1970-01-19 23:12:32	Name: _gat_gtag_UA_181670863_2 Value: 1
.plantaocredito.xyz/	1970-01-20 08:34:07	Name: __gads Value: ID=5d91280624245f75:T=1638751967:S=ALNI_MafXeCy9BzRUTaB1MMvvqCGPMNH7g
.plantaocredito.xyz/	1970-01-20 16:43:43	Name: _ga_7K1FEGD034 Value: GS1.1.1638751970.1.0.1638751970.0
.plantaocredito.xyz/	1970-01-20 16:43:43	Name: _ga Value: GA1.1.1042707922.1638751967

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya1e4TMmbDJC8zg5JFltDQAABGsAAAIB&google_gid=CAESEKZowwUxBO07_ZEKQW9qzRA&google_cver=1&google_push=AYg5qPK6bluoSfrSMhRnfn0Srg5t-4XkdBRegiqLq8RUdhSFrXt2wyO5g08mZXXqVdOLOehCh4PoDwWHBqrsPFX7G9l8K5omSNXs Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8519566401851236&fa=1&ifi=3&uci=a!3&btvi=1 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4bdda59c23510e6ac47521f1468278de.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
diffuser-cdn.app-us1.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
plantaocredito.xyz
prism.app-us1.com
rtb.openx.net
s0.2mdn.net
script.joinads.me
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trackcmp.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.111.215.191
142.250.184.226
142.250.186.34
142.250.186.98
143.198.150.47
185.33.221.91
2.18.234.21
217.182.200.29
2606:4700:3033::6815:34e4
2606:4700::6811:915b
2606:4700::6812:10c
2a00:1450:4001:801::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8102:a212:76ab:db1a:a790
35.156.157.11
35.227.252.103
54.73.238.193
00f28f80ba5f002fc08a4b78a2b9c2df70b26e14ddc704c5349fb4d65f47047d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
039d644b319f7e4a4e519d602cc92b31bc0c31d1000b3363c044a276cfa8b1e0
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a
0b401491a373a0c6e82f0d3ae8c1d010860caf58ea15cd2857e399e018e1881f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcbefe9c4c9ec1388e336c208b26e8934663f4437b34613823af38a23ef63e3
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122a5cd0709dce5ca9c9c28f6391907f9ce0015be9de0a57a3cd7849ccdb46f2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14d1267c9cf8d49aa00a026da9641071d586f1d65b78944b1430a09bb46a1f3d
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be93958af6816f513607e8a7c1791b5d33d87c6aaa0378edaa687de4282db79
1c8265dfea61fdbeb7770b27478fa751de4f9a0d8647867f98a0a47c00255842
1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a
1ee4f520e7c3e246f1b8cdfccb2b693606ea7d529b4ae98ba3de1792f024a70e
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
21d2f5dffdff788f23ef5781f9088fd4d1429a8437ea12b951b8a584e466464b
22345199e9b67bd30fa151488e170bd46ccf396f98da9250df55d4ac669f5551
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
29b40a9ea62e073fd394c6e8ce72df34b0bdeb88df7bf38df25eae257f5c7d45
2b2d2472f310f3a4c880947f473b8de3e58662291206e24a5426ee2bd64684ca
2c5c164d279626cbb73a85245a80b3719315c089db777ad1caf12b49f692d100
2c6430763c3ef8e3b0a63980b05694b1404b50381587043b3a7ab4a14a346198
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2db8df26802be7375f544080f0430a09908fec630c48f62e8d21a08cf6ad2f84
2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
346581ef7ce7844f5261e68e1ead8e083205d05bf3014416906417a9075eec68
351537fb41944b499ea0793eda78d1fa59643abc4c59784ff9ca9088a2b45810
3626069ffcb1718117bbccd3d9c1f487edeb9498ec20f162162b4cb111815d8a
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb
3f281334eea58ea165cfc8d93d6b4fa8ec4d6481c1b023d6ab6cb276d6011c2d
406b4457b753e6582999535eb520f2e7994a3dacab6b1650fe4c99010f46597a
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1358b4aac75e9421734e818908d2cfd0ab7844b60925a574f3e3173f9b84bf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516a0d294c3b78c50cf98c177f23bcf143ce8d959108f2c31bb7bf8639d0984a
51ffb7d51c9cf2332a08a1e84d2f1a690a614154ab3bae39585aac87e8348adb
5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
574ad33ccf9091fe607e9cdc0a691c384517f532fb7917c1c079ef9b24cde2ee
577eab66d8845a5fa792d22b09f2bb43acc4ac3dcf9dff821e61c0abe5e7b3c8
5a7a6b78b5482eccd6d9f91d654f003e572991764c71cdccfa3be781774d30ea
5aec278ade903745f846b8d0aae9a803d098eac0076413ed822c596cda772efa
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cf01af520eaf211cfd403e274f7b2871502dc6e121ad79b937ef93c373a7547
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620048f7c4eaa7b906ad7d9e98225f0e1889f76c6b0578face435ae79757c8d5
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
6860fe76c8d331b66bbd79b423dd26dc563e989947f6e94d23157eed026f1730
68785dfabb0608ea3368cf65bdd39a06290651bf97e570d322f607fc240832bf
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc11128d77ceff588b66df87cf0058ac521808a00dd010ad7de61ad1fe98982
6c655db6db19d869c8373231c69398ac48d23a23d0c85690d646567376e6779b
6d09be5ae723ad43d8e44ae1719f6769efa7da5bb780f67edf03b6f7b85c16ef
709db08158376dc842c41c3125d7ebfd75085d4755929bbce7209e685a8731e4
714f958f2a4eeea47c0667dee2839e5ecf44ff05d83dce11729b7c8f7f9f3793
72cafe8b64bdc38c48073665e198d48b6715b561e5793eab39180c2a5db8193b
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
7737fea30590b41106722b8d2add87fd538bdec869d94eeb93553fc62b9b9a6e
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87405338b6b370e7995c862b8b1e5730ce5db3e505ac7ab21298c9d7d45cb6ca
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bc9e99df030393e9710d3bc34f2c81a7712da26b96ca9d10bff5350826544dd
8da4ba63c0631c15e1fbebacc34c51ddf4d51b8b2bd7a6c9a3885e913f408301
8e00ca72c38a4c2bd3e5dbbc2455457343737a1d3b4904975d43bdde3c012c05
933a7afc9634cbd2cbe461c85494ed2b6cb054860aed2ae567c1fe2f9897fd9a
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
97f234a27b6737ae353c0f2e8dcbfd55c474e9ca484a0ea906a40a02e0f0dad7
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dc88625e94e3961af4c144d8cbfb45f703b3d812c28a6b3ded970709204b0bf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a097d121deb546540a86c2084e68b9cad24457639d617c2cb751b1bbbbabef6c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28c298706a0383d4cc660fdbf6390198031c5b31640198d679fe9bed740769d
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac7f11986f311aec18f6e8346a0c2448ed4a523a16761ecd652a9707792282fa
adca5d0e2d8cf963ea169f370334d59fe2a8fddaf00fb4878687686f2580a814
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4d44a56ea08f2e71de40c07cca623339b0e76cf824c5d7d1d42fe6794f80231
b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2
b7474cdfa04752d04d03e228aef9053d4eec453778bb902dc840880a84b29f63
b8f48c4bcb8186d73a45940bfa283ec096579ec1e5b3e9ab1e54b6d61a3ebab7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf7569ae7074ad83959c96c65c02d5994d2795b5cf90f3a933e2e110736123bf
c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d141e0d8a4655b103043956944298a32f2ad3eeddba3e291c1acdfd42c3efc12
d27c5ac2f4ab9c52bbadf0594f13535c563b05bdb5e9b12cf7852d94ba15c804
d39c55bbf87b52c4f2b7e239f3b0d784944c02a6d85455bdc8ea2662e378ea5c
d3cc6b0b74b949fa886fabe7bde4f82927ad4b18fe22eac02d1b45c848d88280
d41bf65826c3499d81d6043ce04a5522bb038504230bb231254e72ae6991a23e
d43d42d97a74018432cf24585b78a896e5bf41f7f1068811264a844aea1a82f5
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d64632cb473ea08882673727c1b95ca3a2e040323b57206859fbc9195c0989fa
d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd92c663a55c68ef3affebda496d8e34b023c2342f8e9c5d695a417aa802735a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e32e77d49c38f1cb0b4c87d1f9d4eb2b2e36a685b550625405d8119fe6263e41
e38ca129c53b94dab5eb23c74ad92f91d95ea0b536c44e27ea232741c5e1d588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4
e3cbcfe3f882ea56764020ab1c935894474a545c1952fa61f221e8c34309d22b
e50bb464e8257ff1391db4b7a9fec036fc876ad95b0a72f8b0f4bd7b5997a0a6
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8bb032821c8f9b1c826bb1f72a32c3351b4d79bfde7eda18822ef9503bd5381
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105
edb9155737a1151ce1c8b5aeb936d79cb06d1ae7ec19c3c0e78a8cf5330f6ba3
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00cf2b1e9049406a0cfba145b0c28d44e236e6c39e7656e103967fc6ae2306e
f0e403386a598f953a4948b91858de2de7b639ef30e9dd0db5c37ee3ace98f38
f29a5fbeb31ea46d54703d1d32246172311ec91e50c2d307333e355e146ca15f
f3971b50c2fef5d876fd6c9e71e3627e52a1b486c2d590756b352059319a6446
f5a6757cf1f347a9d7deac583f51c5792b431ebc16d7c83ca030197a80651715
f9570e7090824a0a863b53a8feaac80124cc345489aa8c70adbcc760dbefccca
fbba921ac6117515175d0c74f53c00964749f6669203297587e0fb0aa959d347
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff1ce8732e74bc97205dfb4009d268a21dcbd5eac386e19e45f93db0defd51b5
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff7ff830995ee29fdc7b565b6f22fb8d6f57e793fd885a73f8057f66ec6c241e

plantaocredito.xyz Open in urlscan Pro 143.198.150.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

225 Requests

96 %HTTPS

66 %IPv6

25 Domains

35 Subdomains

29 IPs

7 Countries

3887 kBTransfer

7065 kBSize

30 Cookies

0 Outgoing links

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

plantaocredito.xyz Open in urlscan Pro
143.198.150.47 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

96 %
HTTPS

66 %
IPv6

25
Domains

35
Subdomains

29
IPs

7
Countries

3887 kB
Transfer

7065 kB
Size

30
Cookies

225 HTTP transactions
2 data transactions