Submitted URL: https://mercantilehsv.com/0447650000
Effective URL: https://quem-chamou.info/0447650000
Submission: On March 02 via manual from SG

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 5.45.72.207, located in Dronten, Netherlands and belongs to SCALAXY-AS, NL. The main domain is quem-chamou.info.
TLS certificate: Issued by R3 on February 8th 2021. Valid for: 3 months.
This is the only time quem-chamou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
9 pagead2.googlesyndication.com quem-chamou.info
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 quem-chamou.info quem-chamou.info
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 mercantilehsv.com 1 redirects
24 9

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
quem-chamou.info
R3
2021-02-08 -
2021-05-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.google.de
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh

This page contains 6 frames:

Primary Page: https://quem-chamou.info/0447650000
Frame ID: C750ED8E31618FFCAA94FD4564704A77
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: E61BECAEC753172927F5E27FB6DB55EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1796915019298663&output=html&adk=1812271804&adf=3025194257&lmt=1614697906&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&ea=0&flash=0&pra=5&wgl=1&dt=1614697906799&bpp=15&bdt=216&idt=96&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5905987244446&frm=20&pv=2&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=114
Frame ID: E9A2868DF9BC8935E05198E7EC04A904
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1796915019298663&output=html&h=280&slotname=3742372231&adk=781906570&adf=4065594387&pi=t.ma~as.3742372231&w=1170&fwrn=4&fwrnh=100&lmt=1614697906&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614697906816&bpp=3&bdt=233&idt=103&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5905987244446&frm=20&pv=1&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LipxniqcxL&p=https%3A//quem-chamou.info&dtd=108
Frame ID: C721C3060B8D5C2E0AE57B2949E47BC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1796915019298663&output=html&h=280&slotname=3742372231&adk=2650991476&adf=2339903221&pi=t.ma~as.3742372231&w=1140&fwrn=4&fwrnh=100&lmt=1614697906&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614697906820&bpp=1&bdt=238&idt=109&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=5905987244446&frm=20&pv=1&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s66vCtU8Ne&p=https%3A//quem-chamou.info&dtd=112
Frame ID: 8EE42D5F12E3195FB81ACC146068B15F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 56B953447663483721460FA798C0840E
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://mercantilehsv.com/0447650000 HTTP 302
    https://quem-chamou.info/0447650000 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

323 kB
Transfer

1825 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mercantilehsv.com/0447650000 HTTP 302
    https://quem-chamou.info/0447650000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0447650000
quem-chamou.info/
Redirect Chain
  • https://mercantilehsv.com/0447650000
  • https://quem-chamou.info/0447650000
1 MB
39 KB
Document
General
Full URL
https://quem-chamou.info/0447650000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.207 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx / PHP/7.4.8
Resource Hash
3888537007716bb5b699c9787e40959a66759f4ac41950a67a9d379721b2beba

Request headers

:method
GET
:authority
quem-chamou.info
:scheme
https
:path
/0447650000
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Tue, 02 Mar 2021 15:11:46 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.8
set-cookie
_csrfApp=6072d16b66571f45810e8ffdd693e60c9fc5d6497b3aa01c0ccabd0bce718dc7a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_csrfApp%22%3Bi%3A1%3Bs%3A32%3A%22MtjWko_MO63HhIo4Cxk4lNOVk_9n8QKA%22%3B%7D; path=/; HttpOnly
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 02 Mar 2021 15:11:46 GMT
content-type
text/html; charset=UTF-8
location
https://quem-chamou.info/0447650000
x-powered-by
PHP/7.4.8
strict-transport-security
max-age=31536000;
glyphicons-halflings-regular.woff2
quem-chamou.info/fonts/
18 KB
18 KB
Font
General
Full URL
https://quem-chamou.info/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.207 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin
https://quem-chamou.info
Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
last-modified
Sun, 31 Jan 2021 10:25:48 GMT
server
nginx
accept-ranges
bytes
etag
"601685ac-466c"
content-length
18028
content-type
font/woff2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
138 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49425
x-xss-protection
0
server
cafe
etag
12511417949189125007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 15:11:46 GMT
177x45.png
quem-chamou.info/images/logo/
1 KB
1 KB
Image
General
Full URL
https://quem-chamou.info/images/logo/177x45.png
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.207 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0ab0ae0c8d66fcaae9f34da135f640e1c1f28dacdf6c8831357803d0b63d8b2b

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
last-modified
Sun, 31 Jan 2021 10:25:53 GMT
server
nginx
etag
"601685b1-4a7"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1191
expires
Thu, 01 Apr 2021 15:11:46 GMT
app.min.js
quem-chamou.info/js/build/
155 KB
50 KB
Script
General
Full URL
https://quem-chamou.info/js/build/app.min.js?revision=1612191757
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.207 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf5cea367d41bccb9a7910d62d653b5147a53de200657eb72f815a78db869ccb

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 15:02:37 GMT
server
nginx
etag
W/"6018180d-26dcf"
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 01 Apr 2021 15:11:46 GMT
main.min.css
quem-chamou.info/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://quem-chamou.info/css/main.min.css?build=1612088747
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.207 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2449fa8b47101215d2b9fb8b4fda0c12ea46d1ac8950c36a82e7f6dd8f3dfa5a

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
last-modified
Sun, 31 Jan 2021 10:25:47 GMT
server
nginx
etag
W/"601685ab-1dca1"
content-type
text/css
cache-control
max-age=2592000
expires
Thu, 01 Apr 2021 15:11:46 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/
227 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 15:11:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame E61B
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210224/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quem-chamou.info/0447650000
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quem-chamou.info/0447650000

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 02 Mar 2021 00:12:56 GMT
expires
Tue, 16 Mar 2021 00:12:56 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
age
53930
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
433 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Em%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A219%3A314)%0Aat%20Dm%20(adsbygoogle.js%3A217%3A655)%0Aat%20Lm%20(adsbygoogle.js%3A225%3A363)%0Aat%20b%20(adsbygoogle.js%3A226%3A36)%0Aat%20Mm%20(adsbygoogle.js%3A226%3A173)%0Aat%20Tm%20(adsbygoogle.js%3A234%3A234)%0Aat%20Nm%20(adsbygoogle.js%3A231%3A190)%0Aat%20adsbygoogle.js%3A227%3A47%0Aat%20df.n.ga%20(adsbygoogle.js%3A71%3A294)%0Aat%20nf%20(adsbygoogle.js%3A79%3A107)&shv=r20210224&eid=21069711&client=ca-pub-1796915019298663&url=https%3A%2F%2Fquem-chamou.info%2F0447650000
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 15:11:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
206 B
646 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=quem-chamou.info&callback=_gfp_s_&client=ca-pub-1796915019298663
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN (),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f793c9ce179caf86a760de08c669fe60b974b516a33a47787720a4a1e0a0b3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=quem-chamou.info&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=quem-chamou.info&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E9A2
2 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1796915019298663&output=html&adk=1812271804&adf=3025194257&lmt=1614697906&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&ea=0&flash=0&pra=5&wgl=1&dt=1614697906799&bpp=15&bdt=216&idt=96&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5905987244446&frm=20&pv=2&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=114
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
311ae803bd10b5a7adfb12baece46e887050f752763bf6c15bff90990e9e0b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1796915019298663&output=html&adk=1812271804&adf=3025194257&lmt=1614697906&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&ea=0&flash=0&pra=5&wgl=1&dt=1614697906799&bpp=15&bdt=216&idt=96&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5905987244446&frm=20&pv=2&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=114
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quem-chamou.info/0447650000
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quem-chamou.info/0447650000

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 15:11:47 GMT
server
cafe
content-length
492
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 15:26:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 15:11:47 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 15:11:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C721
405 B
229 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1796915019298663&output=html&h=280&slotname=3742372231&adk=781906570&adf=4065594387&pi=t.ma~as.3742372231&w=1170&fwrn=4&fwrnh=100&lmt=1614697906&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614697906816&bpp=3&bdt=233&idt=103&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5905987244446&frm=20&pv=1&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LipxniqcxL&p=https%3A//quem-chamou.info&dtd=108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
276e8424ee8c7f43ec86a4b770eaadb14412a2e26979d3ad9078aa9e92d88fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1796915019298663&output=html&h=280&slotname=3742372231&adk=781906570&adf=4065594387&pi=t.ma~as.3742372231&w=1170&fwrn=4&fwrnh=100&lmt=1614697906&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614697906816&bpp=3&bdt=233&idt=103&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5905987244446&frm=20&pv=1&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LipxniqcxL&p=https%3A//quem-chamou.info&dtd=108
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quem-chamou.info/0447650000
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quem-chamou.info/0447650000

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 15:11:47 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 15:26:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 15:11:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8EE4
405 B
232 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1796915019298663&output=html&h=280&slotname=3742372231&adk=2650991476&adf=2339903221&pi=t.ma~as.3742372231&w=1140&fwrn=4&fwrnh=100&lmt=1614697906&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614697906820&bpp=1&bdt=238&idt=109&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=5905987244446&frm=20&pv=1&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s66vCtU8Ne&p=https%3A//quem-chamou.info&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acc93f3cd48b1ac2e5f0ca592693cb88c668c7782f1e3e450bb8331afc784723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1796915019298663&output=html&h=280&slotname=3742372231&adk=2650991476&adf=2339903221&pi=t.ma~as.3742372231&w=1140&fwrn=4&fwrnh=100&lmt=1614697906&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fquem-chamou.info%2F0447650000&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614697906820&bpp=1&bdt=238&idt=109&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=5905987244446&frm=20&pv=1&ga_vid=2070398289.1614697907&ga_sid=1614697907&ga_hid=797771829&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060049%2C21069711&oid=3&pvsid=2838243277123723&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s66vCtU8Ne&p=https%3A//quem-chamou.info&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quem-chamou.info/0447650000
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quem-chamou.info/0447650000

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 15:11:47 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 15:26:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 15:11:47 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-1796915019298663&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210224_103841&sat=1614599668642&afm=0&as_count=2&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.308&alldns=0.308&allp=10&pgh=1820&su=quem-chamou.info&r=0.1
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 15:11:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2650991476&adf=2339903221&fmt=1140x280&str=true&ad_y=1400&vph=1200&r_nh=0&qid=CIjYp7nyke8CFcdv0wodNCEFsQ&w=1140&h=280&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fquem-chamou.info%2F0447650000
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 15:11:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=781906570&adf=4065594387&fmt=1170x280&str=false&ad_y=78&vph=1200&r_nh=0&qid=CLfcp7nyke8CFUXL3godF7IKCQ&w=1170&h=280&err=1&url=https%3A%2F%2Fquem-chamou.info%2F0447650000
Requested by
Host: quem-chamou.info
URL: https://quem-chamou.info/0447650000
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 15:11:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80934c80ba51d088efe3e50a81016bf7265c8422f8fb4196649673a1d406c764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 15:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6563
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1796915019298663&plah=quem-chamou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 15:11:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 56B9
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quem-chamou.info/0447650000
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quem-chamou.info/0447650000

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 14:52:58 GMT
expires
Wed, 02 Mar 2022 14:52:58 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1129
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 56B9
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
122363
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=2838243277123723&bg=!9Pel97TNAAXB_3NtwTsAKQB2-DxaAxF3WjMdK63wrbqYGbL-PtKAP89hj6hPRe2q7FbucIhmRP-OAgAAAGtSAAAAC2gBBwoBsegYK9euPK9eOonEiV_Dd2YnM5BVQd8NjBMZCUs_-yqVANTb0_dKjhkh3lUQxFGAw4DCBq8VEMvqNYTg1jnysHpIHa_QmjlbTveCMyPHZP13B3VNSTMAfzjDDK7MBQRo8ChU4CjIX7MNaq2x1BpI9rFsGVZmGHKz7lu6J4itD5XdMmkQKo-wq9l5ettg750iIG7D4abwtt71HGs6cUwdSLjde4TUa3CNWtlu6mAwp5P1bgw5o-pPoetzNYzuAlcFYxHS31C-U_iMwZ5zJZ1uKV_VZanGS8zqobQcLBarW4xjyRN90r6ho1ju50I4wgIFFnPvJvRkNP29b7VUVSAH1kpHcN3rU3WxCYWRSH9PaPVQUQLo4yYfEdmvxLyJCWnnI8iW4T48_v7F-JO6HNDOZqAwAvCpovJQU92vK38I7A9xkYfAiaEEoRMUg-bucBFIeOBLt4jn3IySSVND0A9n8UxZvGN0R3DU_Rbj3uoZTpvky330fcC0rUnjt1AujkNh2sA2PkmkpCGjnMO5gZzFjkJsjg8Llnhh41hjEJcJVg8ONZIUFx39ueLx64zIUK0Gf1aZAc3FJzB2OOURjUqRHywqT24qN_pVf1o29UR6u9W2KhqRwDOXuvZ2QcfYLuDvn_YV2NdDYYXN1-pH3e-EqE8iCeADL_UYQUCkxmmFANoBqAszTnwrsEBdqEGnMuX5OzU2Zh-ow6dceKL5VYSCyIyfkqxPZlUTYnDquYlZd1LwVnty2sYFiVyyShpXrCeaQ5ATqLvrIfwwlbuWLNrKayL49kiG9PE0iZgGSwrpNOicSqyBaeNJl-J-NL7nE7Cy6EYZQ6JNPJeY4C3iE-7A7AWPmhFAeP0kTGsDVDEfhAjJi_tL7-FQTMeDn1ewLi4DAG0EY3Bq5D_F98BncGtf9S8bMj6xgoREGY3dHX2NkuDrkiH8WuQHXkjBaLZQFzHOVrQI6A3p9GkAdbtsQDBQoJ8c0qzShGbV4ly7OweEX_DVtuwqGKp30PTjOmAuZVMyo8QqwrugzX0ex_tjCt2Am1_PSoI5ZNVS83LR71RJPoDCcwkFQiyRL_y4koeEq8bqK7vcdMu2B8UlR9URl95ksyCTvqRSkCvh6i4wrdd_0ZQ_Ib2f8iI3VrT_0_XPrGqV-FQMV4WYSdH09cb5bROuEIXGjjwipHmXRcz7e3Wh4B5vUQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quem-chamou.info/0447650000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 15:11:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| APP function| localStorageGet function| localStorageSet function| $ function| jQuery object| jQuery112408000371715775783 object| lazySizesConfig object| lazySizes object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_image_requests number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.quem-chamou.info/ Name: __gads
Value: ID=5de7353f77fcf284-22152fb3a2ba00c5:T=1614697907:RT=1614697907:S=ALNI_Mbx3VQs0ZC-ds2GtR5mDAlHyXqywA
quem-chamou.info/ Name: _csrfApp
Value: 6072d16b66571f45810e8ffdd693e60c9fc5d6497b3aa01c0ccabd0bce718dc7a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22_csrfApp%22%3Bi%3A1%3Bs%3A32%3A%22MtjWko_MO63HhIo4Cxk4lNOVk_9n8QKA%22%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
mercantilehsv.com
pagead2.googlesyndication.com
partner.googleadservices.com
quem-chamou.info
tpc.googlesyndication.com
www.googletagservices.com
142.250.186.34
2a00:1450:4001:800::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
5.45.72.207
0ab0ae0c8d66fcaae9f34da135f640e1c1f28dacdf6c8831357803d0b63d8b2b
2449fa8b47101215d2b9fb8b4fda0c12ea46d1ac8950c36a82e7f6dd8f3dfa5a
276e8424ee8c7f43ec86a4b770eaadb14412a2e26979d3ad9078aa9e92d88fac
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
311ae803bd10b5a7adfb12baece46e887050f752763bf6c15bff90990e9e0b5a
3888537007716bb5b699c9787e40959a66759f4ac41950a67a9d379721b2beba
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
80934c80ba51d088efe3e50a81016bf7265c8422f8fb4196649673a1d406c764
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acc93f3cd48b1ac2e5f0ca592693cb88c668c7782f1e3e450bb8331afc784723
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
cf5cea367d41bccb9a7910d62d653b5147a53de200657eb72f815a78db869ccb
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f793c9ce179caf86a760de08c669fe60b974b516a33a47787720a4a1e0a0b3a7
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c