leiloesfinancas.com Open in urlscan Pro
195.201.124.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://leiloesfinancas.com/
Submission: On November 30 via api (November 30th 2023, 5:37:12 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 123 Behaviour Indicators

Summary

This website contacted 19 IPs in 7 countries across 20 domains to perform 107 HTTP transactions. The main IP is 195.201.124.227, located in Germany and belongs to HETZNER-AS, DE. The main domain is leiloesfinancas.com.

This is the only time leiloesfinancas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	195.201.124.227 195.201.124.227	24940 (HETZNER-AS) (HETZNER-AS)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 9	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	3.66.82.152 3.66.82.152	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
107	19

21 195.201.124.227 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.227.124.201.195.clients.your-server.de

leiloesfinancas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
195.201.124.227	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.82.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-82-152.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	606 KB
20	leiloesfinancas.com leiloesfinancas.com	836 KB
19	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	153 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	215 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	717 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	147 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999	611 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	174 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	150 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	717 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	465 B
107	20

	Domain	Requested by
21	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	leiloesfinancas.com	leiloesfinancas.com
14	pagead2.googlesyndication.com	leiloesfinancas.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
9	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	leiloesfinancas.com googleads.g.doubleclick.net
4	www.googleadservices.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ipac.ctnsnet.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
107	25

This site contains links to these domains. Also see Links.

Domain
vendas.portaldasfinancas.gov.pt
www.facebook.com
www.templatewire.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://leiloesfinancas.com/
Frame ID: 4C1226E71B9AC0CE010238394F024936
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: 7D7243990CC8A6492C0668FEE7C31CF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&adk=2020088507&adf=637443794&lmt=1522856452&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701365827473&bpp=2&bdt=87&idt=194&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4203965407633&frm=20&pv=2&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210
Frame ID: 426A3CDCF56F3CE15B65B601E66E6562
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Frame ID: 3CAE622F07E1987D8FB28DE11ADDB75C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Frame ID: 64085E424BC7CD70B83BFB9F3EA2D405
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=203374720&adf=3978676269&pi=t.aa~a.2674988853~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1140x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Frame ID: F2B2659715BE8DFAF2BE269D1D82EE32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=2896271574&pi=t.aa~a.1338058185~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=0&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280&nras=5&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=9
Frame ID: BC79E6E7D7B03AB5203EC23D9181F0F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=3526253708&pi=t.aa~a.816752825~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280%2C1200x280&nras=6&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=11
Frame ID: 704487936CF2343F3B2CDC828DB4D089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E57EF5FB5A1981A5DA784AEF13268853
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9B02B845B5C9A3DA64E2EB6C2BFAAD2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B16DEFABDD7739503D5ED10515BBD68C
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: B440D042AC86FD32EEF065C8388F3BA3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: CC579EEAD4BDC2B70B52DF9C49104D24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 178EC4E84B0AFEF2E10A610828D9F1BD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: 950818AB2068CF1B560A8E6BE1F14A58
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4758D672010DBD1317EEB342882E64E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: AEAA8A7A9052E9B82ABCC1B8A18931C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Venda de Bens Penhorados das Finanças

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
jquery\.prettyPhoto\.js

Page Statistics

107
Requests

67 %
HTTPS

52 %
IPv6

20
Domains

25
Subdomains

19
IPs

7
Countries

2057 kB
Transfer

3703 kB
Size

15
Cookies

123 Outgoing links

These are links going to different origins than the main page.

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=56&sf=1821&ano=2020
Title: 2025-08-27 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=120&sf=1872&ano=2020
Title: 2025-09-16 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=56&sf=1791&ano=2020
Title: 2025-10-03 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=49&sf=2348&ano=2020
Title: 2028-02-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=50&sf=2348&ano=2020
Title: 2028-03-16 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=68&sf=2208&ano=2020
Title: 2028-07-14 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=496&sf=3522&ano=2014
Title: 2030-11-20 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=1&sf=3212&ano=2023
Title: 2024-01-31 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=26&sf=2810&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=28&sf=2810&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=27&sf=2810&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=23&sf=2810&ano=2023
Title: 2023-12-27 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=22&sf=2810&ano=2023
Title: 2023-12-27 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=24&sf=2810&ano=2023
Title: 2023-12-27 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=32&sf=1546&ano=2023
Title: 2024-02-15 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=29&sf=2810&ano=2023
Title: 2023-12-19 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=30&sf=2810&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=13&sf=2224&ano=2023
Title: 2023-12-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=9&sf=2887&ano=2023
Title: 2023-12-07 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=10&sf=2887&ano=2023
Title: 2023-11-30 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=35&sf=0159&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=11&sf=2887&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=35&sf=3549&ano=2023
Title: 2023-12-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=13&sf=2011&ano=2023
Title: 2024-01-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=7&sf=2089&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=14&sf=0175&ano=2023
Title: 2023-12-15 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=22&sf=3344&ano=2023
Title: 2024-04-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=21&sf=3344&ano=2023
Title: 2024-04-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=23&sf=3344&ano=2023
Title: 2024-04-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=6&sf=0914&ano=2023
Title: 2023-11-30 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=29&sf=3611&ano=2023
Title: 2024-01-25 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=30&sf=3611&ano=2023
Title: 2024-01-25 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=20&sf=3654&ano=2023
Title: 2024-02-20 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=16&sf=1902&ano=2023
Title: 2024-01-04 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=23&sf=1821&ano=2023
Title: 2023-12-07 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=3&sf=2038&ano=2023
Title: 2024-01-17 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=24&sf=3344&ano=2023
Title: 2024-04-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=12&sf=2887&ano=2023
Title: 2024-01-10 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=13&sf=2887&ano=2023
Title: 2024-01-10 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=35&sf=3565&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=6&sf=2232&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=1219&sf=0450&ano=2015
Title: 2023-12-14 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=611&sf=1465&ano=2014
Title: 2023-12-28 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=29&sf=1899&ano=2023
Title: 2024-01-04 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=84&sf=2887&ano=2015
Title: 2024-01-17 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=12&sf=3417&ano=2023
Title: 2024-01-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=2&sf=0744&ano=2023
Title: 2023-12-06 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=16&sf=0353&ano=2023
Title: 2023-12-07 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=28&sf=1821&ano=2023
Title: 2023-12-13 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=6&sf=1520&ano=2023
Title: 2024-01-10 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=28&sf=3530&ano=2023
Title: 2023-11-30 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=67&sf=2348&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=1&sf=0558&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=14&sf=2011&ano=2023
Title: 2024-02-22 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=84&sf=1848&ano=2023
Title: 2024-01-08 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=23&sf=1856&ano=2023
Title: 2024-01-09 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=86&sf=1848&ano=2023
Title: 2023-12-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=10&sf=1805&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=11&sf=0132&ano=2023
Title: 2023-12-19 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=87&sf=1848&ano=2023
Title: 2024-01-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=15&sf=2224&ano=2023
Title: 2024-01-29 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=25&sf=3344&ano=2023
Title: 2024-04-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=26&sf=3344&ano=2023
Title: 2024-05-17 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=71&sf=2348&ano=2023
Title: 2023-12-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=8&sf=2089&ano=2023
Title: 2024-01-16 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=4&sf=2194&ano=2023
Title: 2024-01-16 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=89&sf=1848&ano=2023
Title: 2024-01-23 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=31&sf=3433&ano=2023
Title: 2023-12-21 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=20&sf=3344&ano=2023
Title: 2024-04-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=642&sf=2160&ano=2015
Title: 2024-01-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=17&sf=1902&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=42&sf=3433&ano=2023
Title: 2024-01-25 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=90&sf=1848&ano=2023
Title: 2024-02-06 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=29&sf=3530&ano=2023
Title: 2023-12-06 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=26&sf=1783&ano=2023
Title: 2023-12-20 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=19&sf=0450&ano=2023
Title: 2023-12-28 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=33&sf=1899&ano=2023
Title: 2024-02-07 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=31&sf=2810&ano=2023
Title: 2024-05-21 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=37&sf=3204&ano=2023
Title: 2023-12-05 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=11&sf=2992&ano=2023
Title: 2024-02-06 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=12&sf=2992&ano=2023
Title: 2024-02-06 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=34&sf=1899&ano=2023
Title: 2024-02-06 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=21&sf=3522&ano=2023
Title: 2024-02-09 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=22&sf=3522&ano=2023
Title: 2024-02-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=20&sf=4219&ano=2023
Title: 2024-02-17 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=8&sf=1988&ano=2023
Title: 2024-01-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=146&sf=3158&ano=2013
Title: 2024-01-22 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=69&sf=1775&ano=2023
Title: 2023-12-14 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=32&sf=2810&ano=2023
Title: 2024-01-09 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=34&sf=2810&ano=2023
Title: 2024-02-20 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=17&sf=3425&ano=2023
Title: 2024-01-17 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=15&sf=2011&ano=2023
Title: 2024-02-27 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=9&sf=1988&ano=2023
Title: 2024-01-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=30&sf=3530&ano=2023
Title: 2023-12-27 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=19&sf=1902&ano=2023
Title: 2024-01-30 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=27&sf=1783&ano=2023
Title: 2024-01-08 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=5&sf=3140&ano=2023
Title: 2024-01-11 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=4&sf=1686&ano=2023
Title: 2024-01-12 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=7&sf=2232&ano=2023
Title: 2024-01-23 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=5&sf=1562&ano=2010
Title: 2024-01-30 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=15&sf=1880&ano=2023
Title: 2024-01-26 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=120&sf=3409&ano=2013
Title: 2024-02-26 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=31&sf=3530&ano=2023
Title: 2024-01-10 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=16&sf=1880&ano=2023
Title: 2024-01-19 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=45&sf=3433&ano=2023
Title: 2024-01-30 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=6&sf=0108&ano=2023
Title: 2024-02-13 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=7&sf=3166&ano=2023
Title: 2024-03-08 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=10&sf=1988&ano=2023
Title: 2024-01-22 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=28&sf=3590&ano=2023
Title: 2024-02-07 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=3&sf=3328&ano=2023
Title: 2024-01-24 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=6&sf=0051&ano=2023
Title: 2024-01-16 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=74&sf=2348&ano=2023
Title: 2024-01-28 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=8&sf=3166&ano=2023
Title: 2024-03-13 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=67&sf=0418&ano=2012
Title: 2024-01-10 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=29&sf=1783&ano=2023
Title: 2024-01-18 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=8&sf=2232&ano=2023
Title: 2024-01-23 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=32&sf=3530&ano=2023
Title: 2024-01-31 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=21&sf=3050&ano=2023
Title: 2024-02-13 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=41&sf=3433&ano=2023
Title: 2024-02-22 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=31&sf=1910&ano=2023
Title: 2024-02-26 00:00:00

Search URL Search Domain Scan URL

URL: https://vendas.portaldasfinancas.gov.pt/bens/detalheVenda.action?idVenda=10&sf=2089&ano=2023
Title: 2024-02-29 00:00:00

Search URL Search Domain Scan URL

URL: https://www.facebook.com/leiloesfinancas/
Title: página no Facebook

Search URL Search Domain Scan URL

URL: http://www.templatewire.com/
Title: TemplateWire

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1&google_push=AXcoOmT0SZddOuXtpTCNlKoNik7w7cro1FipH6a9ALWEp7kXYpti6SS3Bzur0KT8urrAkq6EM7Vdqw2WyGNd8mB_QxTZ5wHqS5GuLRrd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1

Request Chain 71

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 72

https://um.simpli.fi/gp_match?google_gid=CAESEJFgu52s1X__Mps3u9qU8Hg&google_cver=1&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar

Request Chain 75

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=C3AhxRchoZar6AemZ7OsPxrye4AqaxcPFdNvgw6yBEur5hqCxGhABINPBzGNgleKQgqAHoAHElc2bKsgBCagDAcgDywSqBM8BT9D411Ys3tk2veXTCV7ew9h2UVK9TiHbO8K1BZTum57ovHG-QdyI4M1NlY8JCxuyMRH4NnzKkF-Y0Z9fF75w4MU8ZU6tUd5uPNjKP2XH-DDky0RenfASW2Ti3_Z--oxADI08yqS_rD9wfEY8L2kOjv-5g7tL84A-P8TFRgWJc7OMs6CNG8JFhd00OOra-1YkLnTDr8Ag1B2d2TpX9foQxQ6jFee19Be2ykE6k8TfAxblYnly2CaN_bxDLX7YwRrAy6G09DdNwf4wjOPSGBXRwASksu_D4QSIBbXa1JZNkgUECAQYAZIFBAgFGASgBi6AB8TNnfsEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiugD0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljE7PTOoeyCA5oJrgFodHRwczovL3d3dy5oZWxwd2lyZS5jb20vYXJ0aWNsZXM_Y29udD1oZzEmcT1MYXcrZmlybStiaWxsaW5nK3NvZnR3YXJlJnNyYz1tZyZnY2g9VDAwMDEyMTQmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0QmbGlua19rZXk9NTI1ZTM3YTlkYzAwODRmODFmMDMwZTU3MzA5YzQxNzSACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNzQ0MTkzNDExNjE3NjI3MRgA&sigh=5hwNcyOwI8Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNi1bX5lZz9bnKFQD-RT1XN_gky-f1BLFJtxS1GpmqrLop7qOtgc4BEjyhNlLKrcwXJcMnBIBy5xgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211332176580%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210588982033124491553%22}&andc=true

Request Chain 93

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1&google_push=AXcoOmR9RJczOoH83ChXDSdNFmOSQeDMJ4XBFyW-hc94VtQMUIM98jl8sAXWJ69JJm8UQxxD9YirKnCAW_mTDE1Ra80P1RcRFbHE4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1

Request Chain 94

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 95

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAbdn1JfkEU9-RTu6tuwcW0&google_cver=1&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk

Request Chain 97

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEPlGRohLAzl5vex-rUyS5k&google_cver=1&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B

Request Chain 99

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGz2bkL6-p1YMqwnmewTaVU&google_cver=1&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8

Request Chain 104

https://googleads.g.doubleclick.net/pagead/adview?ai=CHRSERchoZbu-AYG8gAPPxZmYDse74fxy9-qjnvkKro-4vdQ2EAEg08HMY2CV4pCCoAegAbSqyO8DyAEJqQI-vRN07VSyPqgDAcgDywSqBNgBT9AA8aHYCNvXgN2HzVF5FchB1jcaboG-AUDW4vJvEHjD51U4fgzE_ekJla1MHRZbml_IH_RbG6NJPisWpQ9nRisXkQNFRdVw0kWzpFN47zwI2hGmfZKEJQ8V-iM9u2lFeqlJRMVEY86suR71gwBI5ziH4ID41BY3Gs5dkeMb_Ql43yrpI-MFA1cyxmh1V2onnv4I2riVxJOX5TzdL9XR0WGCGyFctkz0n1rBzG6H7WytRT_Y-LyUO0cREwQyx9x5qQ-HEi_vfVboGluYrmLRLeL83giAZs_8wAS5ssq55AKIBcisi-EikgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7TVtxCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCF1gTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIu39M6h7IIDmgkYaHR0cHM6Ly93d3cubGVuc2F0aW9uLmRlgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArgT5APYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNzQ0MTkzNDExNjE3NjI3MRgA&sigh=B5f5QpIQgno&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNG0fK0i4_PmyQ-0Mbx9TGGDlJcK4fPI5XzoES8EHeSuzePg3kfI-rIpzb80rxQ1Ay4vIPboJ6GAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039275316%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214946261242886804097%22}&andc=true

107 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
leiloesfinancas.com/ 11 KB
11 KB 44ms
9ms Document
text/html 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 939c781c4dc90a51b8de213be6f4217b0fed3def8412881ee7f82241a86953cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Length: 10789
Content-Type: text/html
Date: Thu, 30 Nov 2023 17:37:07 GMT
ETag: "5ac4f204-2a25"
Last-Modified: Wed, 04 Apr 2018 15:40:52 GMT
Server: nginx/1.12.2

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
55 KB 63ms
56ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caabf67518fb946b780b8c2992984609f2d037576fa7b8744cf5c7de2ce063d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 55970
X-XSS-Protection: 0
Server: cafe
ETag: 12499261533008328120
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 30 Nov 2023 17:37:07 GMT

GET
H/1.1 200
OK bootstrap.css
leiloesfinancas.com/css/ 138 KB
139 KB 19ms
10ms Stylesheet
text/css 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/css/bootstrap.css
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-22936"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 141622

GET
H/1.1 200
OK font-awesome.css
leiloesfinancas.com/fonts/font-awesome/css/ 28 KB
28 KB 18ms
9ms Stylesheet
text/css 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:56 GMT
Server: nginx/1.12.2
ETag: "5abb796c-704b"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 28747

GET
H/1.1 200
OK style.css
leiloesfinancas.com/css/ 11 KB
11 KB 19ms
11ms Stylesheet
text/css 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/css/style.css
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 179ee19005026bab9f69ce52fed225c15f846d5cb2ddd1b8ad04f1499e574d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-2bc8"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 11208

GET
H/1.1 200
OK prettyPhoto.css
leiloesfinancas.com/css/ 19 KB
20 KB 20ms
11ms Stylesheet
text/css 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/css/prettyPhoto.css
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: c629de9ada89b5f68c65bcfcbcb3a229f135f36f903e73325b58a9a04c74ed07

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-4d2d"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 19757

GET
H/1.1 200
OK css
fonts.googleapis.com/ 13 KB
1 KB 22ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,700,800,600,300

Requested by

Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cd86c6340b87c80f3f60c6475619c1353eb3be682215500d67b78b3b935cd6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 30 Nov 2023 17:37:07 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 30 Nov 2023 17:37:07 GMT

GET
H/1.1 404
Not Found modernizr.custom.js
leiloesfinancas.com/js/ 0
0 20ms
12ms Script
text/html 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/modernizr.custom.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Server: nginx/1.12.2
Connection: close
Content-Length: 571
Content-Type: text/html

GET
H/1.1 200
OK preloader.gif
leiloesfinancas.com/img/ 4 KB
5 KB 22ms
9ms Image
image/gif 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leiloesfinancas.com/img/preloader.gif
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 3bf12b59b98704dce5fdfd3ded0cfcdfcabdee539dee8f000d272dfdd4c79a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:55 GMT
Server: nginx/1.12.2
ETag: "5abb796b-11db"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 4571

GET
H/1.1 200
OK about.jpg
leiloesfinancas.com/img/ 47 KB
47 KB 21ms
12ms Image
image/jpeg 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leiloesfinancas.com/img/about.jpg
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 39a07fe6ddf174bdf8c183d589da8f435a802f2341db30e4711a058264ccd03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-bca7"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 48295

GET
H/1.1 200
OK jquery.1.11.1.js Show response
leiloesfinancas.com/js/ 94 KB
94 KB 21ms
12ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/jquery.1.11.1.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-17629"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 95785

GET
H/1.1 200
OK bootstrap.js Show response
leiloesfinancas.com/js/ 66 KB
66 KB 18ms
9ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/bootstrap.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-107da"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 67546

GET
H/1.1 200
OK SmoothScroll.js Show response
leiloesfinancas.com/js/ 13 KB
14 KB 19ms
10ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/SmoothScroll.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 08d26d1914e042c874ab5b6fc8a857e73e9eb4180b63901570a3cacc1cf6e622

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-35e3"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 13795

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
leiloesfinancas.com/js/ 22 KB
22 KB 19ms
10ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/jquery.prettyPhoto.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-562c"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 22060

GET
H/1.1 200
OK jquery.isotope.js Show response
leiloesfinancas.com/js/ 44 KB
44 KB 20ms
11ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/jquery.isotope.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 9d50c5116670be904f9c68558b5e40a9a167b08d8565268f06c80843c9835e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-ae71"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 44657

GET
H/1.1 200
OK jquery.parallax.js Show response
leiloesfinancas.com/js/ 2 KB
2 KB 45ms
9ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/jquery.parallax.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 800d1485b88577a6ff06c5af3e753433b52398c8e90d7f1e8d36f351e3995f59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-723"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1827

GET
H/1.1 200
OK jqBootstrapValidation.js Show response
leiloesfinancas.com/js/ 35 KB
36 KB 19ms
10ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/jqBootstrapValidation.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: eb2978d7e1d56f151949778abaf673c6b0660aad3abc1e485b10e416894cb4d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-8d4b"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 36171

GET
H/1.1 200
OK contact_me.js Show response
leiloesfinancas.com/js/ 3 KB
3 KB 18ms
9ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/contact_me.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: a5a5a4bc8dc82bf80c23b9e98d6cee59a16a9197ef2d2ce25f9fa43a45dcc34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-b1c"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 2844

GET
H/1.1 200
OK main.js Show response
leiloesfinancas.com/js/ 3 KB
3 KB 18ms
9ms Script
application/javascript 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/js/main.js
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 66d1e635446b81e17df574f071d835e5a46010434dac51077f16312c3e9b078e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-bdd"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3037

GET
H/1.1 200
OK intro-bg.jpg
leiloesfinancas.com/img/ 156 KB
156 KB 30ms
9ms Image
image/jpeg 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leiloesfinancas.com/img/intro-bg.jpg
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/css/style.css
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: a13d0c4daecdb4cfaf9875bc1e146bc11b72b483a12195cb536fdc485a7fbe84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-26e9e"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 159390

GET
H/1.1 200
OK services-bg.jpg
leiloesfinancas.com/img/ 80 KB
81 KB 18ms
9ms Image
image/jpeg 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leiloesfinancas.com/img/services-bg.jpg
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/css/style.css
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 7adfdfe31d45a8e01a56b74eb9965a4a2135b317099bdc63c2e231d68fd65ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:54 GMT
Server: nginx/1.12.2
ETag: "5abb796a-1414b"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 82251

GET
H/1.1 200
OK fontawesome-webfont.woff2
leiloesfinancas.com/fonts/font-awesome/fonts/ 55 KB
56 KB 15ms
9ms Font
application/octet-stream 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leiloesfinancas.com/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Origin: http://leiloesfinancas.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified: Wed, 28 Mar 2018 11:15:56 GMT
Server: nginx/1.12.2
ETag: "5abb796c-ddcc"
Content-Type: application/octet-stream
Connection: close
Accept-Ranges: bytes
Content-Length: 56780

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,700,800,600,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://leiloesfinancas.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 15:44:13 GMT
X-Content-Type-Options: nosniff
Age: 6774
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 48432
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 00:40:31 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 29 Nov 2024 15:44:13 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
135 KB 97ms
77ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b858da456434225d9e2c9e3b8b5cb3ea75fb7fd4d79f00aa4bda8756738376d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137282
x-xss-protection: 0
server: cafe
etag: 9728698683305809927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:37:07 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 7D72 9 KB
4 KB 29ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:43:46 GMT
etag: 12051592065903069241
expires: Wed, 13 Dec 2023 17:43:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 426A 236 KB
59 KB 1138ms
1138ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&adk=2020088507&adf=637443794&lmt=1522856452&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701365827473&bpp=2&bdt=87&idt=194&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4203965407633&frm=20&pv=2&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21c21346ca5a7c9ec1f1cf5a599ef300ec1bd4dacde285a17e59043c20c2339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 59889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:08 GMT
expires: Thu, 30 Nov 2023 17:37:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
122 B 46ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK leiloes Show response
195.201.124.227/LeiloesAPI/api.php/ 47 KB
47 KB 74ms
65ms XHR
application/json 195.201.124.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://195.201.124.227/LeiloesAPI/api.php/leiloes?transform=1&filter=data_leilao,ge,2023/11/30
Requested by: Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol: HTTP/1.1
Server: 195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.124.201.195.clients.your-server.de
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: f146ff6ac66c7849db6f35786ef6517a4e2e63a1c2dc8d8e74e3a9ba48c4f316

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 17:37:08 GMT
Server: nginx/1.12.2
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://leiloesfinancas.com
Access-Control-Allow-Credentials: true
Connection: close

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
57ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

401bb80801cb33885602cb55a76f4ba462d06b37e10ea8ae692a9f4f09cc8052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12286
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eee861586ec33f0318d6604c3cbcf9879e2dd4f7705f58c1df4177af853d98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55848
x-xss-protection: 0
server: cafe
etag: 7292660813532387720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:37:08 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3CAE 124 KB
42 KB 845ms
845ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8b1198c325007cee162dc6f3eb6c5b0194f35f073fdff938fe0e0465a11ac41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:09 GMT
expires: Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6408 122 KB
41 KB 999ms
998ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

660748eda41a229748847270b9135bc58aea798a68e3cb34619715c047336c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:09 GMT
expires: Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F2B2 733 B
385 B 674ms
673ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=203374720&adf=3978676269&pi=t.aa~a.2674988853~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1140x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60b99f13fd4a5c1826fbc83dd8209f6c92c3fccf834238078e031f689d333738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:09 GMT
expires: Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC79 733 B
386 B 526ms
526ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=2896271574&pi=t.aa~a.1338058185~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=0&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280&nras=5&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db69ea4ed47f5e79aab92365cb35aa72ba4ce447100965c200795059d29bf4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:09 GMT
expires: Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7044 733 B
383 B 534ms
534ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=3526253708&pi=t.aa~a.816752825~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280%2C1200x280&nras=6&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

639c6bb2d4729d9196b06b310edf06fbe4bad998ce91c74e1283e76e3d1ed9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:09 GMT
expires: Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 525ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame E57E 9 KB
4 KB 15ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 00:30:42 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 00:30:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E57E 4 KB
1 KB 39ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:29:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57E 205 B
296 B 30ms
9ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options: nosniff
age: 86905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 17:28:44 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57E 604 B
1 KB 28ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:39:41 GMT
x-content-type-options: nosniff
age: 82648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 18:39:41 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E57E 16 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:55:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E57E 22 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9188
x-xss-protection: 0
server: cafe
etag: 17726137969773036382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:55:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9B0 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 13:31:48 GMT
expires: Fri, 29 Nov 2024 13:31:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B16D 829 B
1 KB 48ms
23ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13a49ce9a4039220071f76fa220adc75ce8cc84064a952876401bff64c23a5a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aEubT6qd9Nd5xa56-bFFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://leiloesfinancas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aEubT6qd9Nd5xa56-bFFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 17:37:09 GMT
expires: Thu, 30 Nov 2023 17:37:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame B9B0 39 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 13:31:49 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame B440 9 KB
4 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 14:04:29 GMT

GET
H2 200 7d372031074aa956156fdf66de49b945.js Show response
www.gstatic.com/mysidia/ Frame B440 144 KB
53 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d372031074aa956156fdf66de49b945.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122b116a6724299f61531803a1c77758b73d96c4b975e6bad3cf57a611693fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54135
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 00:14:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B440 21 KB
1 KB 19ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:33:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:53:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame B440 24 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:53:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 13:10:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:51:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B440 202 KB
64 KB 89ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame B440 37 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B16D 0
0 46ms
39ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=932257012118522&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B9B0 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?P927Yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js Show response
pagead2.googlesyndication.com/bg/ Frame CC57 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15224
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 02:19:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3CAE 4 KB
655 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:30:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:53:19 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13745123224176964170/ Frame 3CAE 174 KB
174 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13745123224176964170/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b006442e7c69aed587f4cb3a26f8831c0941dd7e291392f1e51cb36a8a61333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 14:16:55 GMT
x-content-type-options: nosniff
age: 184814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177884
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 08:17:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Nov 2024 14:16:55 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10345164013127454634/ Frame 3CAE 1 KB
1 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10345164013127454634/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfdaac1471892b9227870749fb27101ec5a63f74d5ceb7c0d404a7fec1e7ccb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:14:31 GMT
x-content-type-options: nosniff
age: 98558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1218
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 10:50:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 14:14:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 3CAE 24 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:53:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 13:10:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 178E 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 01 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:51:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3CAE 0
0 17ms
14ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdbIK7crjbPuFQSZgPCJIRhUCHHchjzuYaZMQHhFtUoy9bGHNe3Z8mLCTGQggl_M2Er71nvDm0ONjt6Q_GJJ_sNnwmfQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CAE 202 KB
64 KB 74ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 3CAE 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
DATA 200
OK truncated
/ Frame 3CAE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42d336001666b35f678b69b1e129c3a708cc3574870b3750284724418fe2475f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 178E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1&google_push=AXcoOmT0SZddOuXtpTCNlKoNik7w7cro1FipH6a9ALWEp7kXYpti6SS3Bzur0KT8urrAkq6EM7Vdqw2WyGNd8mB_QxTZ5wHqS5GuLRrd
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1

43 B
398 B

27ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 178E 35 B
465 B 47ms
12ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELmcsidfpvy5fU7i3nsQLJQ&google_cver=1&google_push=AXcoOmSp-ttVHxjjS7X7QUNLct0r42yrqbHiZT6EN1yz_6fmyMkoHF7dgRaiyp9XndYvIlrTwAYJLRezF-PpfecfTjYxjwI56LAxHKHe

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 178E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSs...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6v...

43 B
434 B

177ms
177ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82e4db55194a39be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 186
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82e4db53ffe239be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 178E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJFgu52s1X__Mps3u9qU8Hg&google_cver=1&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh...

170 B
330 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 29 Nov 2023 17:37:09 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 178E 70 B
150 B 112ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA8uUTa_fbspfK8-xfofIjw&google_cver=1&google_push=AXcoOmRnYrWbn3nvX8QUvac5ACw7EqGd8oHCFUOg-atK3dBfX2JM2jZ40zeaU5tZq9p8NNg9kDS9EASsqycajWNNOZ2zO80G-A3_WAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 178E 0
174 B 38ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIUaFgU7gP6Nw2WtTvyNoPM&google_cver=1&google_push=AXcoOmQ_zMVAq7Dfsw5QF1SFZTB3uhtj3_8H4VEIir1m5fvzAS2gh8qviwSFvWNsrBqFSvHSd_MS7EEkwALznYgABG5ZJiqjRCwXizRp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 178E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhe...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 178E 0
140 B 48ms
14ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFdPkQMBYJfLdZ4Dur3M8IC6ARntcFYoDz6qev6sUNytmTE47BbxOaPgvm5N_IPTMX4hfX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CAE 16 KB
16 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:19:38 GMT
x-content-type-options: nosniff
age: 465451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 08:19:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CAE 15 KB
15 KB 29ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 446400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3CAE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C3AhxRchoZar6AemZ7OsPxrye4AqaxcPFdNvgw6yBEur5hqCxGhABINPBzGNgleKQgqAHoAHElc2bKsgBCagDAcgDywSqBM8BT9D411Ys3tk2veXTCV7ew9h2UVK9TiHbO8K1BZTum57ovHG...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%...

0
0

165ms
41ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211332176580%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210588982033124491553%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4954648161754984983","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11332176580"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"10588982033124491553"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:37:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 17:37:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4954648161754984983","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11332176580"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"10588982033124491553"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 9508 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15224
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 02:19:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6408 4 KB
655 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:28:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 6408 2 KB
822 B 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:53:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 6408 24 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:53:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 6408 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 13:10:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4758 1 KB
643 B 11ms
10ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 01 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 6408 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:51:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6408 0
0 15ms
15ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRblP-YptiCBjzb74pdadNlVA1IYsUCBcFh_pdRKP8TDyNqujz0kotLak7-K66_S2dF6R1hEX6kosP5Q-tmRM2nCWMJNA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6408 202 KB
64 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:37:09 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 6408 37 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17725521996851891527/ Frame 6408 24 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17725521996851891527/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ea472727054d04fac60a4545bceaf2918cda50c57d2e0da6923e4a6ca6dfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:05:35 GMT
x-content-type-options: nosniff
age: 19894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24315
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 01:10:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 12:05:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6501730898157348517/ Frame 6408 3 KB
3 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6501730898157348517/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f61455a4f3be1147f7c84264c10e68d780245e4cc3e9d77147623e39fa2a82a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:26:49 GMT
x-content-type-options: nosniff
age: 87020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3423
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 06:42:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 17:26:49 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
41ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 17:37:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4758
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1&google_push=AXcoOmR9RJczOoH83ChXDSdNFmOSQeDMJ4XBFyW-hc94VtQMUIM98jl8sAXWJ69JJm8UQxxD9YirKnCAW_mTDE1Ra80P1RcRFbHE4g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1

43 B
398 B

25ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4758
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxY...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BU...

43 B
397 B

167ms
167ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82e4db560ab839be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:10 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 185
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82e4db54f91439be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4758
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAbdn1JfkEU9-RTu6tuwcW0&google_cver=1&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--Ghok...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotX...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 4758 43 B
147 B 36ms
8ms Image
image/gif 3.66.82.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG9mc1UbcGFg9mm4bKSSSNY&google_cver=1&google_push=AXcoOmSqigCjc2EVNgUmQQub5XOgGu9zeVz1_tv8MI1xKOX1PDeyTTt7GICjCKL6E7C5zPSYrktWVsBVihWaQbny6cQubmSm1avwPAY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.82.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4758
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEPlGRohLAzl5vex-rUyS5k&google_cver=1&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEh...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhH...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 30 Nov 2023 17:37:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4758 43 B
363 B 46ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT-_tuo1xYtH6MTZL7ZdwrktUR3kTXtjlzRYiS74FQird1PX8ANAgrSmsDJCO3agchB6qW6IT6rUx9gjtAuGyXLWii0wiThHOA&google_gid=CAESEEKMj1C3pmHprzIPY9DXtrc&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 190968
expires: Thu, 30 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4758
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGz2bkL6-p1YMqwnmewTaVU&google_cver=1&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZo...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4758 0
12 B 18ms
18ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdyuakIAgVTH2wGmLqRT52MIXf9X1cAVDD0IZyoBuDBjwPbEY0U1Cd-J_oJ4nW7UFAEQiH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 6408 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a247c3fed9b7632b4259e3c7dec617b6557a2c2d571fc65752574a102001f55d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6408 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:19:38 GMT
x-content-type-options: nosniff
age: 465451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 08:19:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6408 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 446400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6408
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHRSERchoZbu-AYG8gAPPxZmYDse74fxy9-qjnvkKro-4vdQ2EAEg08HMY2CV4pCCoAegAbSqyO8DyAEJqQI-vRN07VSyPqgDAcgDywSqBNgBT9AA8aHYCNvXgN2HzVF5FchB1jcaboG-AUD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:...

0
0

71ms
41ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039275316%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214946261242886804097%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13451901054381312762","debug_reporting":true,"destination":"https://lensation.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1039275316"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"14946261242886804097"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:37:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 17:37:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13451901054381312762","debug_reporting":true,"destination":"https://lensation.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1039275316"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"14946261242886804097"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js Show response
pagead2.googlesyndication.com/bg/ Frame AEAA 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15224
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 02:19:14 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
40ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 17:37:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231128&jk=932257012118522&bg=!3t2l3ZLNAAaGYW-ApmE7ADQBe5WfOJkz1pj3Alzp2ZMRGoFmxKBKCD3ueqPoDMHefutB_lY1lBmyKlgMlEJD3YC-i0uwAgAAAFpSAAAAAmgBB5kCxD1k289YADZ55nxhx99yL2RKKA9OUv67NFZB5hKsl9-pI9vq0pVilysNeyvOT7bh5xh9nHnWquBtmE_RYM1VZj85e-zT3wqyFC1joRaryHjTqwCg9G2XdnSJ5peo_NpS9QqdTUIYTH0UL52odauAFxmZLAIbvH4VNxY4aBDU2eKoIVMfZPouqqlpmDPaZ_N5V75et2_J_zRtKa3jX0MMJ6MieBB_nClAdfRyiWaQ3sRibKuvyj719SMt_pT5mcV1wIUKiE2CJJD-BNdzPxIHAYzvE9GFLsFp5OSoDd_jBnYPyZC3vBf8M43FAaGbhn9mwhvaUOLpYMjDQdbpZOai2v5bJEjUyy--4XPE3KSawE_T3AU8TcHctC2-JDURE-KgPs5sdQg3DFo2TlKbPaGyFYSP_0e1sOJWzjjXaM3t5mnMp0BgkjCjLWON1wviiQ0XyD8ZFzJPzjB1CmVAiZRJPm7cYB4rhc44wKnJjefTzkU9O9j6kGNpJRUxvQpC6TTvKhzdUl3aKrkrUADwNV_ir3kDythSrw7_edTTuhJoqu9NaGKacwf1AC9EH0ITPFDZPYbUJBcA0RcFk3dB4TdKkc2A_71szdC3HbMpqLX050z4v30KcSzMgCIOyktY8-5EeUCGnDCnVrCzxWMvggFBHtRiXVy-HjEzCQ73VpMyiKeUcskVC6ueP-PvtHDbk2CQ4q7__ZB9Fmyy3MDodatE24FeMc5yTn699QBHirf6yIb_K2jQWY_DKeoOtm2h4-GVswvvn2Q71fDo_rZyzNKeEj_R5rc4ADmpX0LlTDMgjuTMggzNc8v-vOdZxRTl8kF6qfw8byQW9d4857GsKDT_8xaQaKeOwn-I6bp_hZnrG3b1Tw4-nyAeb8RmHf7y3MbbJN1xd3OZCeuoQYLv5_Hm_MNsVCUKENMaa4dv4Dv3NPYcyCj2Jg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leiloesfinancas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leiloesfinancas.com/	1970-01-21 01:57:41	Name: __gads Value: ID=7fd15fa361dfc858:T=1701365828:RT=1701365828:S=ALNI_MYjsYJFwKemt6hmIbVH-kCamVSsSQ
.leiloesfinancas.com/	1970-01-21 01:57:41	Name: __gpi Value: UID=00000ce1e7ae4607:T=1701365828:RT=1701365828:S=ALNI_MY0WVjevbXQ1fSZyxPIkhtDpLFCbg
.blismedia.com/	1970-01-21 01:21:45	Name: b Value: 6568C8459C7B10962060F442BLIS
.quantserve.com/	1970-01-20 18:45:41	Name: d Value: EHQBCQHGKoEA
.quantserve.com/	1970-01-21 02:06:20	Name: mc Value: 6568c845-be1de-a0239-478ae
.simpli.fi/	1970-01-21 01:23:08	Name: suid Value: 6A291D552F234AB78CE9E202F7E7A02C
.turn.com/	1970-01-20 20:55:17	Name: uid Value: 7531902108198931287
.adform.net/	1970-01-20 17:19:17	Name: C Value: 1
.doubleclick.net/	1970-01-21 01:57:41	Name: IDE Value: AHWqTUk2GWIxMWcQ-JbM_GMV6aWVqZPH5FOb2tvM12UM-_bVYjEBnDpgqj5MS0JgOlE
.adform.net/	1970-01-20 18:02:29	Name: uid Value: 6073262115459781063
.ctnsnet.com/	1970-01-21 01:21:41	Name: cid_818a9bf612ec45af8ba2d5e54f8f8d1a Value: 1
.ctnsnet.com/	1970-01-21 01:21:41	Name: gid_CAESEAbdn1JfkEU9-RTu6tuwcW0 Value: 1
.yahoo.com/	1970-01-21 01:22:03	Name: A3 Value: d=AQABBEXIaGUCEFlpP3sS7DiesUUUVX7GR3IFEgEBAQEZamVyZQAAAAAA_eMAAA&S=AQAAAnAvjsKsXeDN92S1VfDAYPY
.googleadservices.com/	1970-01-20 18:45:41	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 18:45:41	Name: ANON_ID Value: aintuJt3er66AxvPBQpBmoT4SrlO3wEtymVm3B1iMUwrQ8DbDwOTmqY5aZaaraxNZc93NYGLXUkjYqZbpqVeIuvEXVZc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://leiloesfinancas.com/js/modernizr.custom.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipac.ctnsnet.com
leiloesfinancas.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
s.tribalfusion.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.184.226
172.217.16.194
178.250.1.9
195.201.124.227
2001:678:cb4:bbbb::11
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
3.33.220.150
3.66.82.152
34.96.105.8
35.186.193.173
35.204.158.49
37.157.6.254
51.89.9.251
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
08d26d1914e042c874ab5b6fc8a857e73e9eb4180b63901570a3cacc1cf6e622
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
122b116a6724299f61531803a1c77758b73d96c4b975e6bad3cf57a611693fa0
13a49ce9a4039220071f76fa220adc75ce8cc84064a952876401bff64c23a5a7
179ee19005026bab9f69ce52fed225c15f846d5cb2ddd1b8ad04f1499e574d77
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b006442e7c69aed587f4cb3a26f8831c0941dd7e291392f1e51cb36a8a61333
1eee861586ec33f0318d6604c3cbcf9879e2dd4f7705f58c1df4177af853d98f
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39a07fe6ddf174bdf8c183d589da8f435a802f2341db30e4711a058264ccd03e
3b858da456434225d9e2c9e3b8b5cb3ea75fb7fd4d79f00aa4bda8756738376d
3bf12b59b98704dce5fdfd3ded0cfcdfcabdee539dee8f000d272dfdd4c79a98
401bb80801cb33885602cb55a76f4ba462d06b37e10ea8ae692a9f4f09cc8052
41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42d336001666b35f678b69b1e129c3a708cc3574870b3750284724418fe2475f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b99f13fd4a5c1826fbc83dd8209f6c92c3fccf834238078e031f689d333738
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639c6bb2d4729d9196b06b310edf06fbe4bad998ce91c74e1283e76e3d1ed9d7
660748eda41a229748847270b9135bc58aea798a68e3cb34619715c047336c70
66d1e635446b81e17df574f071d835e5a46010434dac51077f16312c3e9b078e
6cd86c6340b87c80f3f60c6475619c1353eb3be682215500d67b78b3b935cd6d
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
7adfdfe31d45a8e01a56b74eb9965a4a2135b317099bdc63c2e231d68fd65ad7
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6
800d1485b88577a6ff06c5af3e753433b52398c8e90d7f1e8d36f351e3995f59
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
939c781c4dc90a51b8de213be6f4217b0fed3def8412881ee7f82241a86953cb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d50c5116670be904f9c68558b5e40a9a167b08d8565268f06c80843c9835e99
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13d0c4daecdb4cfaf9875bc1e146bc11b72b483a12195cb536fdc485a7fbe84
a247c3fed9b7632b4259e3c7dec617b6557a2c2d571fc65752574a102001f55d
a5a5a4bc8dc82bf80c23b9e98d6cee59a16a9197ef2d2ce25f9fa43a45dcc34b
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b21c21346ca5a7c9ec1f1cf5a599ef300ec1bd4dacde285a17e59043c20c2339
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c629de9ada89b5f68c65bcfcbcb3a229f135f36f903e73325b58a9a04c74ed07
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5
caabf67518fb946b780b8c2992984609f2d037576fa7b8744cf5c7de2ce063d0
cfdaac1471892b9227870749fb27101ec5a63f74d5ceb7c0d404a7fec1e7ccb6
db69ea4ed47f5e79aab92365cb35aa72ba4ce447100965c200795059d29bf4ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9ea472727054d04fac60a4545bceaf2918cda50c57d2e0da6923e4a6ca6dfce
eb2978d7e1d56f151949778abaf673c6b0660aad3abc1e485b10e416894cb4d5
f146ff6ac66c7849db6f35786ef6517a4e2e63a1c2dc8d8e74e3a9ba48c4f316
f61455a4f3be1147f7c84264c10e68d780245e4cc3e9d77147623e39fa2a82a9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8b1198c325007cee162dc6f3eb6c5b0194f35f073fdff938fe0e0465a11ac41

leiloesfinancas.com Open in urlscan Pro 195.201.124.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

67 %HTTPS

52 %IPv6

20 Domains

25 Subdomains

19 IPs

7 Countries

2057 kBTransfer

3703 kBSize

15 Cookies

123 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leiloesfinancas.com Open in urlscan Pro
195.201.124.227 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

67 %
HTTPS

52 %
IPv6

20
Domains

25
Subdomains

19
IPs

7
Countries

2057 kB
Transfer

3703 kB
Size

15
Cookies

107 HTTP transactions
2 data transactions