URL: http://leiloesfinancas.com/
Submission: On November 30 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 7 countries across 20 domains to perform 107 HTTP transactions. The main IP is 195.201.124.227, located in Germany and belongs to HETZNER-AS, DE. The main domain is leiloesfinancas.com.
This is the only time leiloesfinancas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 195.201.124.227 24940 (HETZNER-AS)
14 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 9 142.250.184.226 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 3.33.220.150 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 37.157.6.254 198622 (ADFORM)
4 172.217.16.194 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 3.66.82.152 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 51.89.9.251 16276 (OVH)
107 19
Apex Domain
Subdomains
Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
606 KB
20 leiloesfinancas.com
leiloesfinancas.com
836 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
153 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
215 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
5 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
191 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
388 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
717 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
147 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
611 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
174 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
150 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
717 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
465 B
107 20
Domain Requested by
21 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
20 leiloesfinancas.com leiloesfinancas.com
14 pagead2.googlesyndication.com leiloesfinancas.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
10 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
9 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
7 www.gstatic.com googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com leiloesfinancas.com
googleads.g.doubleclick.net
4 www.googleadservices.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
2 s.tribalfusion.com
2 a.tribalfusion.com 2 redirects
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
1 onetag-sys.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 ipac.ctnsnet.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
107 25

This site contains links to these domains. Also see Links.

Domain
vendas.portaldasfinancas.gov.pt
www.facebook.com
www.templatewire.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-10-04 -
2024-01-02
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh

This page contains 17 frames:

Primary Page: http://leiloesfinancas.com/
Frame ID: 4C1226E71B9AC0CE010238394F024936
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: 7D7243990CC8A6492C0668FEE7C31CF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&adk=2020088507&adf=637443794&lmt=1522856452&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701365827473&bpp=2&bdt=87&idt=194&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4203965407633&frm=20&pv=2&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210
Frame ID: 426A3CDCF56F3CE15B65B601E66E6562
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Frame ID: 3CAE622F07E1987D8FB28DE11ADDB75C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Frame ID: 64085E424BC7CD70B83BFB9F3EA2D405
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=203374720&adf=3978676269&pi=t.aa~a.2674988853~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1140x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Frame ID: F2B2659715BE8DFAF2BE269D1D82EE32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=2896271574&pi=t.aa~a.1338058185~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=0&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280&nras=5&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=9
Frame ID: BC79E6E7D7B03AB5203EC23D9181F0F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=3526253708&pi=t.aa~a.816752825~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280%2C1200x280&nras=6&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=11
Frame ID: 704487936CF2343F3B2CDC828DB4D089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E57EF5FB5A1981A5DA784AEF13268853
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9B02B845B5C9A3DA64E2EB6C2BFAAD2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B16DEFABDD7739503D5ED10515BBD68C
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: B440D042AC86FD32EEF065C8388F3BA3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: CC579EEAD4BDC2B70B52DF9C49104D24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 178EC4E84B0AFEF2E10A610828D9F1BD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: 950818AB2068CF1B560A8E6BE1F14A58
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4758D672010DBD1317EEB342882E64E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: AEAA8A7A9052E9B82ABCC1B8A18931C4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Venda de Bens Penhorados das Finanças

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
  • jquery\.prettyPhoto\.js

Page Statistics

107
Requests

67 %
HTTPS

52 %
IPv6

20
Domains

25
Subdomains

19
IPs

7
Countries

2057 kB
Transfer

3703 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1&google_push=AXcoOmT0SZddOuXtpTCNlKoNik7w7cro1FipH6a9ALWEp7kXYpti6SS3Bzur0KT8urrAkq6EM7Vdqw2WyGNd8mB_QxTZ5wHqS5GuLRrd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
Request Chain 71
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 72
  • https://um.simpli.fi/gp_match?google_gid=CAESEJFgu52s1X__Mps3u9qU8Hg&google_cver=1&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
Request Chain 75
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3AhxRchoZar6AemZ7OsPxrye4AqaxcPFdNvgw6yBEur5hqCxGhABINPBzGNgleKQgqAHoAHElc2bKsgBCagDAcgDywSqBM8BT9D411Ys3tk2veXTCV7ew9h2UVK9TiHbO8K1BZTum57ovHG-QdyI4M1NlY8JCxuyMRH4NnzKkF-Y0Z9fF75w4MU8ZU6tUd5uPNjKP2XH-DDky0RenfASW2Ti3_Z--oxADI08yqS_rD9wfEY8L2kOjv-5g7tL84A-P8TFRgWJc7OMs6CNG8JFhd00OOra-1YkLnTDr8Ag1B2d2TpX9foQxQ6jFee19Be2ykE6k8TfAxblYnly2CaN_bxDLX7YwRrAy6G09DdNwf4wjOPSGBXRwASksu_D4QSIBbXa1JZNkgUECAQYAZIFBAgFGASgBi6AB8TNnfsEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiugD0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljE7PTOoeyCA5oJrgFodHRwczovL3d3dy5oZWxwd2lyZS5jb20vYXJ0aWNsZXM_Y29udD1oZzEmcT1MYXcrZmlybStiaWxsaW5nK3NvZnR3YXJlJnNyYz1tZyZnY2g9VDAwMDEyMTQmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0QmbGlua19rZXk9NTI1ZTM3YTlkYzAwODRmODFmMDMwZTU3MzA5YzQxNzSACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNzQ0MTkzNDExNjE3NjI3MRgA&sigh=5hwNcyOwI8Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNi1bX5lZz9bnKFQD-RT1XN_gky-f1BLFJtxS1GpmqrLop7qOtgc4BEjyhNlLKrcwXJcMnBIBy5xgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211332176580%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210588982033124491553%22}&andc=true
Request Chain 93
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1&google_push=AXcoOmR9RJczOoH83ChXDSdNFmOSQeDMJ4XBFyW-hc94VtQMUIM98jl8sAXWJ69JJm8UQxxD9YirKnCAW_mTDE1Ra80P1RcRFbHE4g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
Request Chain 94
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 95
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAbdn1JfkEU9-RTu6tuwcW0&google_cver=1&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk
Request Chain 97
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEPlGRohLAzl5vex-rUyS5k&google_cver=1&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B
Request Chain 99
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGz2bkL6-p1YMqwnmewTaVU&google_cver=1&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8
Request Chain 104
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHRSERchoZbu-AYG8gAPPxZmYDse74fxy9-qjnvkKro-4vdQ2EAEg08HMY2CV4pCCoAegAbSqyO8DyAEJqQI-vRN07VSyPqgDAcgDywSqBNgBT9AA8aHYCNvXgN2HzVF5FchB1jcaboG-AUDW4vJvEHjD51U4fgzE_ekJla1MHRZbml_IH_RbG6NJPisWpQ9nRisXkQNFRdVw0kWzpFN47zwI2hGmfZKEJQ8V-iM9u2lFeqlJRMVEY86suR71gwBI5ziH4ID41BY3Gs5dkeMb_Ql43yrpI-MFA1cyxmh1V2onnv4I2riVxJOX5TzdL9XR0WGCGyFctkz0n1rBzG6H7WytRT_Y-LyUO0cREwQyx9x5qQ-HEi_vfVboGluYrmLRLeL83giAZs_8wAS5ssq55AKIBcisi-EikgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7TVtxCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCF1gTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIu39M6h7IIDmgkYaHR0cHM6Ly93d3cubGVuc2F0aW9uLmRlgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArgT5APYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNzQ0MTkzNDExNjE3NjI3MRgA&sigh=B5f5QpIQgno&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNG0fK0i4_PmyQ-0Mbx9TGGDlJcK4fPI5XzoES8EHeSuzePg3kfI-rIpzb80rxQ1Ay4vIPboJ6GAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039275316%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214946261242886804097%22}&andc=true

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leiloesfinancas.com/
11 KB
11 KB
Document
General
Full URL
http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
939c781c4dc90a51b8de213be6f4217b0fed3def8412881ee7f82241a86953cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Length
10789
Content-Type
text/html
Date
Thu, 30 Nov 2023 17:37:07 GMT
ETag
"5ac4f204-2a25"
Last-Modified
Wed, 04 Apr 2018 15:40:52 GMT
Server
nginx/1.12.2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
55 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caabf67518fb946b780b8c2992984609f2d037576fa7b8744cf5c7de2ce063d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
55970
X-XSS-Protection
0
Server
cafe
ETag
12499261533008328120
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Thu, 30 Nov 2023 17:37:07 GMT
bootstrap.css
leiloesfinancas.com/css/
138 KB
139 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/css/bootstrap.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-22936"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
141622
font-awesome.css
leiloesfinancas.com/fonts/font-awesome/css/
28 KB
28 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:56 GMT
Server
nginx/1.12.2
ETag
"5abb796c-704b"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
28747
style.css
leiloesfinancas.com/css/
11 KB
11 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/css/style.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
179ee19005026bab9f69ce52fed225c15f846d5cb2ddd1b8ad04f1499e574d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-2bc8"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
11208
prettyPhoto.css
leiloesfinancas.com/css/
19 KB
20 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/css/prettyPhoto.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
c629de9ada89b5f68c65bcfcbcb3a229f135f36f903e73325b58a9a04c74ed07

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-4d2d"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
19757
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,700,800,600,300
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cd86c6340b87c80f3f60c6475619c1353eb3be682215500d67b78b3b935cd6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 30 Nov 2023 17:37:07 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 30 Nov 2023 17:37:07 GMT
modernizr.custom.js
leiloesfinancas.com/js/
0
0
Script
General
Full URL
http://leiloesfinancas.com/js/modernizr.custom.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Server
nginx/1.12.2
Connection
close
Content-Length
571
Content-Type
text/html
preloader.gif
leiloesfinancas.com/img/
4 KB
5 KB
Image
General
Full URL
http://leiloesfinancas.com/img/preloader.gif
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
3bf12b59b98704dce5fdfd3ded0cfcdfcabdee539dee8f000d272dfdd4c79a98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:55 GMT
Server
nginx/1.12.2
ETag
"5abb796b-11db"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
4571
about.jpg
leiloesfinancas.com/img/
47 KB
47 KB
Image
General
Full URL
http://leiloesfinancas.com/img/about.jpg
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
39a07fe6ddf174bdf8c183d589da8f435a802f2341db30e4711a058264ccd03e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-bca7"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
48295
jquery.1.11.1.js
leiloesfinancas.com/js/
94 KB
94 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.1.11.1.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-17629"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
95785
bootstrap.js
leiloesfinancas.com/js/
66 KB
66 KB
Script
General
Full URL
http://leiloesfinancas.com/js/bootstrap.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-107da"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
67546
SmoothScroll.js
leiloesfinancas.com/js/
13 KB
14 KB
Script
General
Full URL
http://leiloesfinancas.com/js/SmoothScroll.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
08d26d1914e042c874ab5b6fc8a857e73e9eb4180b63901570a3cacc1cf6e622

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-35e3"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
13795
jquery.prettyPhoto.js
leiloesfinancas.com/js/
22 KB
22 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.prettyPhoto.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-562c"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
22060
jquery.isotope.js
leiloesfinancas.com/js/
44 KB
44 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.isotope.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
9d50c5116670be904f9c68558b5e40a9a167b08d8565268f06c80843c9835e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-ae71"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
44657
jquery.parallax.js
leiloesfinancas.com/js/
2 KB
2 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.parallax.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
800d1485b88577a6ff06c5af3e753433b52398c8e90d7f1e8d36f351e3995f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-723"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1827
jqBootstrapValidation.js
leiloesfinancas.com/js/
35 KB
36 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jqBootstrapValidation.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
eb2978d7e1d56f151949778abaf673c6b0660aad3abc1e485b10e416894cb4d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-8d4b"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
36171
contact_me.js
leiloesfinancas.com/js/
3 KB
3 KB
Script
General
Full URL
http://leiloesfinancas.com/js/contact_me.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
a5a5a4bc8dc82bf80c23b9e98d6cee59a16a9197ef2d2ce25f9fa43a45dcc34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-b1c"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2844
main.js
leiloesfinancas.com/js/
3 KB
3 KB
Script
General
Full URL
http://leiloesfinancas.com/js/main.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
66d1e635446b81e17df574f071d835e5a46010434dac51077f16312c3e9b078e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-bdd"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3037
intro-bg.jpg
leiloesfinancas.com/img/
156 KB
156 KB
Image
General
Full URL
http://leiloesfinancas.com/img/intro-bg.jpg
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/css/style.css
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
a13d0c4daecdb4cfaf9875bc1e146bc11b72b483a12195cb536fdc485a7fbe84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-26e9e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
159390
services-bg.jpg
leiloesfinancas.com/img/
80 KB
81 KB
Image
General
Full URL
http://leiloesfinancas.com/img/services-bg.jpg
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/css/style.css
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
7adfdfe31d45a8e01a56b74eb9965a4a2135b317099bdc63c2e231d68fd65ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-1414b"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
82251
fontawesome-webfont.woff2
leiloesfinancas.com/fonts/font-awesome/fonts/
55 KB
56 KB
Font
General
Full URL
http://leiloesfinancas.com/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Origin
http://leiloesfinancas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:56 GMT
Server
nginx/1.12.2
ETag
"5abb796c-ddcc"
Content-Type
application/octet-stream
Connection
close
Accept-Ranges
bytes
Content-Length
56780
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,700,800,600,300
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://leiloesfinancas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 15:44:13 GMT
X-Content-Type-Options
nosniff
Age
6774
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
48432
X-XSS-Protection
0
Last-Modified
Thu, 14 Sep 2023 00:40:31 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 29 Nov 2024 15:44:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
397 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b858da456434225d9e2c9e3b8b5cb3ea75fb7fd4d79f00aa4bda8756738376d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137282
x-xss-protection
0
server
cafe
etag
9728698683305809927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 7D72
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
86001
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 17:43:46 GMT
etag
12051592065903069241
expires
Wed, 13 Dec 2023 17:43:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 426A
236 KB
59 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&adk=2020088507&adf=637443794&lmt=1522856452&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701365827473&bpp=2&bdt=87&idt=194&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4203965407633&frm=20&pv=2&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b21c21346ca5a7c9ec1f1cf5a599ef300ec1bd4dacde285a17e59043c20c2339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
59889
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:08 GMT
expires
Thu, 30 Nov 2023 17:37:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
57 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
leiloes
195.201.124.227/LeiloesAPI/api.php/
47 KB
47 KB
XHR
General
Full URL
http://195.201.124.227/LeiloesAPI/api.php/leiloes?transform=1&filter=data_leilao,ge,2023/11/30
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 / PHP/5.4.16
Resource Hash
f146ff6ac66c7849db6f35786ef6517a4e2e63a1c2dc8d8e74e3a9ba48c4f316

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:08 GMT
Server
nginx/1.12.2
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://leiloesfinancas.com
Access-Control-Allow-Credentials
true
Connection
close
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
401bb80801cb33885602cb55a76f4ba462d06b37e10ea8ae692a9f4f09cc8052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12286
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1eee861586ec33f0318d6604c3cbcf9879e2dd4f7705f58c1df4177af853d98f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55848
x-xss-protection
0
server
cafe
etag
7292660813532387720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:08 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3CAE
124 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8b1198c325007cee162dc6f3eb6c5b0194f35f073fdff938fe0e0465a11ac41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6408
122 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
660748eda41a229748847270b9135bc58aea798a68e3cb34619715c047336c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42340
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F2B2
733 B
385 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=203374720&adf=3978676269&pi=t.aa~a.2674988853~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1140x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60b99f13fd4a5c1826fbc83dd8209f6c92c3fccf834238078e031f689d333738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC79
733 B
386 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=2896271574&pi=t.aa~a.1338058185~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=0&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280&nras=5&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db69ea4ed47f5e79aab92365cb35aa72ba4ce447100965c200795059d29bf4ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
361
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7044
733 B
383 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=3526253708&pi=t.aa~a.816752825~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280%2C1200x280&nras=6&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
639c6bb2d4729d9196b06b310edf06fbe4bad998ce91c74e1283e76e3d1ed9d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 17:37:09 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame E57E
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 00:30:42 GMT
etag
12051592065903069241
expires
Thu, 14 Dec 2023 00:30:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E57E
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:29:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57E
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options
nosniff
age
86905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 17:28:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57E
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:39:41 GMT
x-content-type-options
nosniff
age
82648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 18:39:41 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E57E
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
13232977368472197749
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E57E
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9188
x-xss-protection
0
server
cafe
etag
17726137969773036382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9B0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 13:31:48 GMT
expires
Fri, 29 Nov 2024 13:31:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B16D
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13a49ce9a4039220071f76fa220adc75ce8cc84064a952876401bff64c23a5a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aEubT6qd9Nd5xa56-bFFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aEubT6qd9Nd5xa56-bFFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
pagead2.googlesyndication.com/bg/ Frame B9B0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
14720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15254
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 13:31:49 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame B440
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 14:04:29 GMT
7d372031074aa956156fdf66de49b945.js
www.gstatic.com/mysidia/ Frame B440
144 KB
53 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7d372031074aa956156fdf66de49b945.js?tag=video_mra/web_interstitial_raspberry_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122b116a6724299f61531803a1c77758b73d96c4b975e6bad3cf57a611693fa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54135
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 00:14:34 GMT
css
fonts.googleapis.com/ Frame B440
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:33:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
71030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame B440
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
71048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:10:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:51:59 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B440
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:09 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame B440
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B16D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=932257012118522&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame B9B0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?P927Yw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
pagead2.googlesyndication.com/bg/ Frame CC57
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
227875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 02:19:14 GMT
css
fonts.googleapis.com/ Frame 3CAE
4 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:30:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
71030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:19 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13745123224176964170/ Frame 3CAE
174 KB
174 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13745123224176964170/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b006442e7c69aed587f4cb3a26f8831c0941dd7e291392f1e51cb36a8a61333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:16:55 GMT
x-content-type-options
nosniff
age
184814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177884
x-xss-protection
0
last-modified
Sun, 29 Oct 2023 08:17:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 14:16:55 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10345164013127454634/ Frame 3CAE
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10345164013127454634/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfdaac1471892b9227870749fb27101ec5a63f74d5ceb7c0d404a7fec1e7ccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 14:14:31 GMT
x-content-type-options
nosniff
age
98558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1218
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 10:50:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 14:14:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 3CAE
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
71048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:10:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 178E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:51:59 GMT
l
www.google.com/ads/measurement/ Frame 3CAE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdbIK7crjbPuFQSZgPCJIRhUCHHchjzuYaZMQHhFtUoy9bGHNe3Z8mLCTGQggl_M2Er71nvDm0ONjt6Q_GJJ_sNnwmfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3CAE
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:09 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 3CAE
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
truncated
/ Frame 3CAE
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42d336001666b35f678b69b1e129c3a708cc3574870b3750284724418fe2475f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 178E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1&google_push=AXcoOmT0SZddOuXtpTCNlKoNik7w7cro1FipH6a9ALWEp7kXYpti6SS3Bzur0KT8urrAkq6EM7Vdqw2WyGNd8mB_QxTZ5wHqS5GuLRrd
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 178E
35 B
465 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELmcsidfpvy5fU7i3nsQLJQ&google_cver=1&google_push=AXcoOmSp-ttVHxjjS7X7QUNLct0r42yrqbHiZT6EN1yz_6fmyMkoHF7dgRaiyp9XndYvIlrTwAYJLRezF-PpfecfTjYxjwI56LAxHKHe
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 178E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSs...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6v...
43 B
434 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e4db55194a39be-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
186
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e4db53ffe239be-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 178E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJFgu52s1X__Mps3u9qU8Hg&google_cver=1&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh...
170 B
330 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 29 Nov 2023 17:37:09 GMT
google
match.adsrvr.org/track/cmf/ Frame 178E
70 B
150 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA8uUTa_fbspfK8-xfofIjw&google_cver=1&google_push=AXcoOmRnYrWbn3nvX8QUvac5ACw7EqGd8oHCFUOg-atK3dBfX2JM2jZ40zeaU5tZq9p8NNg9kDS9EASsqycajWNNOZ2zO80G-A3_WAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 178E
0
174 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIUaFgU7gP6Nw2WtTvyNoPM&google_cver=1&google_push=AXcoOmQ_zMVAq7Dfsw5QF1SFZTB3uhtj3_8H4VEIir1m5fvzAS2gh8qviwSFvWNsrBqFSvHSd_MS7EEkwALznYgABG5ZJiqjRCwXizRp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 178E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhe...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 178E
0
140 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFdPkQMBYJfLdZ4Dur3M8IC6ARntcFYoDz6qev6sUNytmTE47BbxOaPgvm5N_IPTMX4hfX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CAE
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 08:19:38 GMT
x-content-type-options
nosniff
age
465451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 08:19:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CAE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options
nosniff
age
446400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 13:37:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 3CAE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3AhxRchoZar6AemZ7OsPxrye4AqaxcPFdNvgw6yBEur5hqCxGhABINPBzGNgleKQgqAHoAHElc2bKsgBCagDAcgDywSqBM8BT9D411Ys3tk2veXTCV7ew9h2UVK9TiHbO8K1BZTum57ovHG...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211332176580%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210588982033124491553%22}&andc=true
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4954648161754984983","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11332176580"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"10588982033124491553"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 30 Nov 2023 17:37:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 30 Nov 2023 17:37:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4954648161754984983","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11332176580"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"10588982033124491553"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
pagead2.googlesyndication.com/bg/ Frame 9508
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
227875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 02:19:14 GMT
css
fonts.googleapis.com/ Frame 6408
4 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:28:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 6408
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
71030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 6408
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
71048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 6408
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:10:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4758
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 6408
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:51:59 GMT
l
www.google.com/ads/measurement/ Frame 6408
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRblP-YptiCBjzb74pdadNlVA1IYsUCBcFh_pdRKP8TDyNqujz0kotLak7-K66_S2dF6R1hEX6kosP5Q-tmRM2nCWMJNA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6408
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:09 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 6408
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/17725521996851891527/ Frame 6408
24 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17725521996851891527/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9ea472727054d04fac60a4545bceaf2918cda50c57d2e0da6923e4a6ca6dfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 12:05:35 GMT
x-content-type-options
nosniff
age
19894
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24315
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 01:10:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Nov 2024 12:05:35 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6501730898157348517/ Frame 6408
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6501730898157348517/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f61455a4f3be1147f7c84264c10e68d780245e4cc3e9d77147623e39fa2a82a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:26:49 GMT
x-content-type-options
nosniff
age
87020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3423
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 06:42:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 17:26:49 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211332176580%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210588982033124491553%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 30 Nov 2023 17:37:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4758
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1&google_push=AXcoOmR9RJczOoH83ChXDSdNFmOSQeDMJ4XBFyW-hc94VtQMUIM98jl8sAXWJ69JJm8UQxxD9YirKnCAW_mTDE1Ra80P1RcRFbHE4g
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4758
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxY...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BU...
43 B
397 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e4db560ab839be-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:10 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
185
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e4db54f91439be-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4758
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAbdn1JfkEU9-RTu6tuwcW0&google_cver=1&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--Ghok...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotX...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 4758
43 B
147 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG9mc1UbcGFg9mm4bKSSSNY&google_cver=1&google_push=AXcoOmSqigCjc2EVNgUmQQub5XOgGu9zeVz1_tv8MI1xKOX1PDeyTTt7GICjCKL6E7C5zPSYrktWVsBVihWaQbny6cQubmSm1avwPAY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.82.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4758
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEPlGRohLAzl5vex-rUyS5k&google_cver=1&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEh...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 4758
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT-_tuo1xYtH6MTZL7ZdwrktUR3kTXtjlzRYiS74FQird1PX8ANAgrSmsDJCO3agchB6qW6IT6rUx9gjtAuGyXLWii0wiThHOA&google_gid=CAESEEKMj1C3pmHprzIPY9DXtrc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
190968
expires
Thu, 30 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4758
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGz2bkL6-p1YMqwnmewTaVU&google_cver=1&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZo...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 4758
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdyuakIAgVTH2wGmLqRT52MIXf9X1cAVDD0IZyoBuDBjwPbEY0U1Cd-J_oJ4nW7UFAEQiH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 6408
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a247c3fed9b7632b4259e3c7dec617b6557a2c2d571fc65752574a102001f55d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6408
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 08:19:38 GMT
x-content-type-options
nosniff
age
465451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 08:19:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6408
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options
nosniff
age
446400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 13:37:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6408
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHRSERchoZbu-AYG8gAPPxZmYDse74fxy9-qjnvkKro-4vdQ2EAEg08HMY2CV4pCCoAegAbSqyO8DyAEJqQI-vRN07VSyPqgDAcgDywSqBNgBT9AA8aHYCNvXgN2HzVF5FchB1jcaboG-AUD...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039275316%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214946261242886804097%22}&andc=true
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13451901054381312762","debug_reporting":true,"destination":"https://lensation.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1039275316"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"14946261242886804097"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 30 Nov 2023 17:37:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 30 Nov 2023 17:37:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13451901054381312762","debug_reporting":true,"destination":"https://lensation.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1039275316"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"14946261242886804097"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
pagead2.googlesyndication.com/bg/ Frame AEAA
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
227875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 02:19:14 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039275316%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214946261242886804097%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 30 Nov 2023 17:37:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231128&jk=932257012118522&bg=!3t2l3ZLNAAaGYW-ApmE7ADQBe5WfOJkz1pj3Alzp2ZMRGoFmxKBKCD3ueqPoDMHefutB_lY1lBmyKlgMlEJD3YC-i0uwAgAAAFpSAAAAAmgBB5kCxD1k289YADZ55nxhx99yL2RKKA9OUv67NFZB5hKsl9-pI9vq0pVilysNeyvOT7bh5xh9nHnWquBtmE_RYM1VZj85e-zT3wqyFC1joRaryHjTqwCg9G2XdnSJ5peo_NpS9QqdTUIYTH0UL52odauAFxmZLAIbvH4VNxY4aBDU2eKoIVMfZPouqqlpmDPaZ_N5V75et2_J_zRtKa3jX0MMJ6MieBB_nClAdfRyiWaQ3sRibKuvyj719SMt_pT5mcV1wIUKiE2CJJD-BNdzPxIHAYzvE9GFLsFp5OSoDd_jBnYPyZC3vBf8M43FAaGbhn9mwhvaUOLpYMjDQdbpZOai2v5bJEjUyy--4XPE3KSawE_T3AU8TcHctC2-JDURE-KgPs5sdQg3DFo2TlKbPaGyFYSP_0e1sOJWzjjXaM3t5mnMp0BgkjCjLWON1wviiQ0XyD8ZFzJPzjB1CmVAiZRJPm7cYB4rhc44wKnJjefTzkU9O9j6kGNpJRUxvQpC6TTvKhzdUl3aKrkrUADwNV_ir3kDythSrw7_edTTuhJoqu9NaGKacwf1AC9EH0ITPFDZPYbUJBcA0RcFk3dB4TdKkc2A_71szdC3HbMpqLX050z4v30KcSzMgCIOyktY8-5EeUCGnDCnVrCzxWMvggFBHtRiXVy-HjEzCQ73VpMyiKeUcskVC6ueP-PvtHDbk2CQ4q7__ZB9Fmyy3MDodatE24FeMc5yTn699QBHirf6yIb_K2jQWY_DKeoOtm2h4-GVswvvn2Q71fDo_rZyzNKeEj_R5rc4ADmpX0LlTDMgjuTMggzNc8v-vOdZxRTl8kF6qfw8byQW9d4857GsKDT_8xaQaKeOwn-I6bp_hZnrG3b1Tw4-nyAeb8RmHf7y3MbbJN1xd3OZCeuoQYLv5_Hm_MNsVCUKENMaa4dv4Dv3NPYcyCj2Jg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| adsbygoogle function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| jQuery111109680725970759625 boolean| pp_alreadyInitialized object| Modernizr function| autorun function| main boolean| doresize object| scroll_pos boolean| hashtag function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| googletag

15 Cookies

Domain/Path Name / Value
.leiloesfinancas.com/ Name: __gads
Value: ID=7fd15fa361dfc858:T=1701365828:RT=1701365828:S=ALNI_MYjsYJFwKemt6hmIbVH-kCamVSsSQ
.leiloesfinancas.com/ Name: __gpi
Value: UID=00000ce1e7ae4607:T=1701365828:RT=1701365828:S=ALNI_MY0WVjevbXQ1fSZyxPIkhtDpLFCbg
.blismedia.com/ Name: b
Value: 6568C8459C7B10962060F442BLIS
.quantserve.com/ Name: d
Value: EHQBCQHGKoEA
.quantserve.com/ Name: mc
Value: 6568c845-be1de-a0239-478ae
.simpli.fi/ Name: suid
Value: 6A291D552F234AB78CE9E202F7E7A02C
.turn.com/ Name: uid
Value: 7531902108198931287
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk2GWIxMWcQ-JbM_GMV6aWVqZPH5FOb2tvM12UM-_bVYjEBnDpgqj5MS0JgOlE
.adform.net/ Name: uid
Value: 6073262115459781063
.ctnsnet.com/ Name: cid_818a9bf612ec45af8ba2d5e54f8f8d1a
Value: 1
.ctnsnet.com/ Name: gid_CAESEAbdn1JfkEU9-RTu6tuwcW0
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBEXIaGUCEFlpP3sS7DiesUUUVX7GR3IFEgEBAQEZamVyZQAAAAAA_eMAAA&S=AQAAAnAvjsKsXeDN92S1VfDAYPY
.googleadservices.com/ Name: ar_debug
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aintuJt3er66AxvPBQpBmoT4SrlO3wEtymVm3B1iMUwrQ8DbDwOTmqY5aZaaraxNZc93NYGLXUkjYqZbpqVeIuvEXVZc

1 Console Messages

Source Level URL
Text
network error URL: http://leiloesfinancas.com/js/modernizr.custom.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipac.ctnsnet.com
leiloesfinancas.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
s.tribalfusion.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.184.226
172.217.16.194
178.250.1.9
195.201.124.227
2001:678:cb4:bbbb::11
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
3.33.220.150
3.66.82.152
34.96.105.8
35.186.193.173
35.204.158.49
37.157.6.254
51.89.9.251
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
08d26d1914e042c874ab5b6fc8a857e73e9eb4180b63901570a3cacc1cf6e622
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
122b116a6724299f61531803a1c77758b73d96c4b975e6bad3cf57a611693fa0
13a49ce9a4039220071f76fa220adc75ce8cc84064a952876401bff64c23a5a7
179ee19005026bab9f69ce52fed225c15f846d5cb2ddd1b8ad04f1499e574d77
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b006442e7c69aed587f4cb3a26f8831c0941dd7e291392f1e51cb36a8a61333
1eee861586ec33f0318d6604c3cbcf9879e2dd4f7705f58c1df4177af853d98f
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39a07fe6ddf174bdf8c183d589da8f435a802f2341db30e4711a058264ccd03e
3b858da456434225d9e2c9e3b8b5cb3ea75fb7fd4d79f00aa4bda8756738376d
3bf12b59b98704dce5fdfd3ded0cfcdfcabdee539dee8f000d272dfdd4c79a98
401bb80801cb33885602cb55a76f4ba462d06b37e10ea8ae692a9f4f09cc8052
41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42d336001666b35f678b69b1e129c3a708cc3574870b3750284724418fe2475f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b99f13fd4a5c1826fbc83dd8209f6c92c3fccf834238078e031f689d333738
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639c6bb2d4729d9196b06b310edf06fbe4bad998ce91c74e1283e76e3d1ed9d7
660748eda41a229748847270b9135bc58aea798a68e3cb34619715c047336c70
66d1e635446b81e17df574f071d835e5a46010434dac51077f16312c3e9b078e
6cd86c6340b87c80f3f60c6475619c1353eb3be682215500d67b78b3b935cd6d
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
7adfdfe31d45a8e01a56b74eb9965a4a2135b317099bdc63c2e231d68fd65ad7
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6
800d1485b88577a6ff06c5af3e753433b52398c8e90d7f1e8d36f351e3995f59
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
939c781c4dc90a51b8de213be6f4217b0fed3def8412881ee7f82241a86953cb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d50c5116670be904f9c68558b5e40a9a167b08d8565268f06c80843c9835e99
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13d0c4daecdb4cfaf9875bc1e146bc11b72b483a12195cb536fdc485a7fbe84
a247c3fed9b7632b4259e3c7dec617b6557a2c2d571fc65752574a102001f55d
a5a5a4bc8dc82bf80c23b9e98d6cee59a16a9197ef2d2ce25f9fa43a45dcc34b
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b21c21346ca5a7c9ec1f1cf5a599ef300ec1bd4dacde285a17e59043c20c2339
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c629de9ada89b5f68c65bcfcbcb3a229f135f36f903e73325b58a9a04c74ed07
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5
caabf67518fb946b780b8c2992984609f2d037576fa7b8744cf5c7de2ce063d0
cfdaac1471892b9227870749fb27101ec5a63f74d5ceb7c0d404a7fec1e7ccb6
db69ea4ed47f5e79aab92365cb35aa72ba4ce447100965c200795059d29bf4ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9ea472727054d04fac60a4545bceaf2918cda50c57d2e0da6923e4a6ca6dfce
eb2978d7e1d56f151949778abaf673c6b0660aad3abc1e485b10e416894cb4d5
f146ff6ac66c7849db6f35786ef6517a4e2e63a1c2dc8d8e74e3a9ba48c4f316
f61455a4f3be1147f7c84264c10e68d780245e4cc3e9d77147623e39fa2a82a9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8b1198c325007cee162dc6f3eb6c5b0194f35f073fdff938fe0e0465a11ac41