URL: http://leiloesfinancas.com/
Submission: On November 30 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 7 countries across 20 domains to perform 107 HTTP transactions. The main IP is 195.201.124.227, located in Germany and belongs to HETZNER-AS, DE. The main domain is leiloesfinancas.com.
This is the only time leiloesfinancas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 195.201.124.227 24940 (HETZNER-AS)
14 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 9 142.250.184.226 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 3.33.220.150 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 37.157.6.254 198622 (ADFORM)
4 172.217.16.194 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 3.66.82.152 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 51.89.9.251 16276 (OVH)
107 19
Apex Domain
Subdomains
Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
606 KB
20 leiloesfinancas.com
leiloesfinancas.com
836 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
153 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
215 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
5 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
191 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
388 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
717 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
147 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
611 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
174 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
150 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
717 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
465 B
107 20
Domain Requested by
21 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
20 leiloesfinancas.com leiloesfinancas.com
14 pagead2.googlesyndication.com leiloesfinancas.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
10 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
9 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
7 www.gstatic.com googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com leiloesfinancas.com
googleads.g.doubleclick.net
4 www.googleadservices.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
2 s.tribalfusion.com
2 a.tribalfusion.com 2 redirects
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
1 onetag-sys.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 ipac.ctnsnet.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
107 25

This site contains links to these domains. Also see Links.

Domain
vendas.portaldasfinancas.gov.pt
www.facebook.com
www.templatewire.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-10-04 -
2024-01-02
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh

This page contains 17 frames:

Primary Page: http://leiloesfinancas.com/
Frame ID: 4C1226E71B9AC0CE010238394F024936
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: 7D7243990CC8A6492C0668FEE7C31CF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&adk=2020088507&adf=637443794&lmt=1522856452&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701365827473&bpp=2&bdt=87&idt=194&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4203965407633&frm=20&pv=2&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210
Frame ID: 426A3CDCF56F3CE15B65B601E66E6562
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Frame ID: 3CAE622F07E1987D8FB28DE11ADDB75C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Frame ID: 64085E424BC7CD70B83BFB9F3EA2D405
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=203374720&adf=3978676269&pi=t.aa~a.2674988853~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1140x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Frame ID: F2B2659715BE8DFAF2BE269D1D82EE32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=2896271574&pi=t.aa~a.1338058185~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=0&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280&nras=5&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=9
Frame ID: BC79E6E7D7B03AB5203EC23D9181F0F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=3526253708&pi=t.aa~a.816752825~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280%2C1200x280&nras=6&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=11
Frame ID: 704487936CF2343F3B2CDC828DB4D089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E57EF5FB5A1981A5DA784AEF13268853
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9B02B845B5C9A3DA64E2EB6C2BFAAD2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B16DEFABDD7739503D5ED10515BBD68C
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: B440D042AC86FD32EEF065C8388F3BA3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: CC579EEAD4BDC2B70B52DF9C49104D24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 178EC4E84B0AFEF2E10A610828D9F1BD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: 950818AB2068CF1B560A8E6BE1F14A58
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4758D672010DBD1317EEB342882E64E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: AEAA8A7A9052E9B82ABCC1B8A18931C4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Venda de Bens Penhorados das Finanças

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
  • jquery\.prettyPhoto\.js

Page Statistics

107
Requests

67 %
HTTPS

52 %
IPv6

20
Domains

25
Subdomains

19
IPs

7
Countries

2057 kB
Transfer

3703 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1&google_push=AXcoOmT0SZddOuXtpTCNlKoNik7w7cro1FipH6a9ALWEp7kXYpti6SS3Bzur0KT8urrAkq6EM7Vdqw2WyGNd8mB_QxTZ5wHqS5GuLRrd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxM1UXB-1it2huTYwxKJEE&google_cver=1
Request Chain 71
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBxnZlCH-4ElEXEOPTZVipQ&google_cver=1&google_push=AXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTb2CgpFtDGdkLBogDxhbCYmLokcpSGx4WYTLvbrUEBGVJk_r56H8kJRYF_CHQyqQ0OCVO8gUhaU67zPp7l8c0haUZh-6vSsvLu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 72
  • https://um.simpli.fi/gp_match?google_gid=CAESEJFgu52s1X__Mps3u9qU8Hg&google_cver=1&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A291D552F234AB78CE9E202F7E7A02C&google_push=AXcoOmRQ8wG9JTXHWZCPjrvysTDPRpgy4Qd7505YlnqYXhwsx4m1MX-ueb01JmINqwMWZR1gb0cz23yEtUuEcjh9eVUbwXMZSFdEEWar
Request Chain 75
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPsEIIaHGSS6pxvLg41gnr0&google_cver=1&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3MzI2MjExNTQ1OTc4MTA2Mw&google_push=AXcoOmQWVRcDoM2hlvTYWH3N-m15TGSGjC9wKOPRzf1PUuB56u3WoloDYFWQlqvNAPsmbqaFmhewq_F87sYT9FyPiHk3ruq1kv_AWhE
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3AhxRchoZar6AemZ7OsPxrye4AqaxcPFdNvgw6yBEur5hqCxGhABINPBzGNgleKQgqAHoAHElc2bKsgBCagDAcgDywSqBM8BT9D411Ys3tk2veXTCV7ew9h2UVK9TiHbO8K1BZTum57ovHG-QdyI4M1NlY8JCxuyMRH4NnzKkF-Y0Z9fF75w4MU8ZU6tUd5uPNjKP2XH-DDky0RenfASW2Ti3_Z--oxADI08yqS_rD9wfEY8L2kOjv-5g7tL84A-P8TFRgWJc7OMs6CNG8JFhd00OOra-1YkLnTDr8Ag1B2d2TpX9foQxQ6jFee19Be2ykE6k8TfAxblYnly2CaN_bxDLX7YwRrAy6G09DdNwf4wjOPSGBXRwASksu_D4QSIBbXa1JZNkgUECAQYAZIFBAgFGASgBi6AB8TNnfsEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiugD0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljE7PTOoeyCA5oJrgFodHRwczovL3d3dy5oZWxwd2lyZS5jb20vYXJ0aWNsZXM_Y29udD1oZzEmcT1MYXcrZmlybStiaWxsaW5nK3NvZnR3YXJlJnNyYz1tZyZnY2g9VDAwMDEyMTQmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0QmbGlua19rZXk9NTI1ZTM3YTlkYzAwODRmODFmMDMwZTU3MzA5YzQxNzSACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNzQ0MTkzNDExNjE3NjI3MRgA&sigh=5hwNcyOwI8Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNi1bX5lZz9bnKFQD-RT1XN_gky-f1BLFJtxS1GpmqrLop7qOtgc4BEjyhNlLKrcwXJcMnBIBy5xgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224954648161754984983%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211332176580%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210588982033124491553%22}&andc=true
Request Chain 93
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1&google_push=AXcoOmR9RJczOoH83ChXDSdNFmOSQeDMJ4XBFyW-hc94VtQMUIM98jl8sAXWJ69JJm8UQxxD9YirKnCAW_mTDE1Ra80P1RcRFbHE4g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzMTkwMjEwODE5ODkzMTI4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBH4gm7lKML_sGPple9J-Vs&google_cver=1
Request Chain 94
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF2r0GkRXfiG9Ehcj_MhEyM&google_cver=1&google_push=AXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ06Icea7HBfiKNecT-IHAoT4gPpgUJd4MvR9jkYa7TPA_hBF0Gwdr1GmD4Oso_teaP_7NzYetOl8DLlSTEjH9dS8339BUxYdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 95
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAbdn1JfkEU9-RTu6tuwcW0&google_cver=1&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTD9WPH4ogYu9SVqYJ816uN_uovUl0rXGwfpclRvVkaqh77D4pbOie6tJ62Cz9tjGk1I--GhokhPjt0_sqj5eCWNwRsY3nb1A&google_hm=gYqb9hLsRa-LotXlT4-NGkk
Request Chain 97
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEPlGRohLAzl5vex-rUyS5k&google_cver=1&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIxnmcjYb4mfOKi__dDwTHwt1jhUuEINhD4YUiJA4tAuLVrNIZXX7umm7GE8PmFn8wWndnPoYRpgUKM69yOa-0WEhGFpnwIw&google_hm=eS1ZeXBvTGlGRTJwRVhHa3dXdzhQLmhZRjZlS01XLjRZMn5B
Request Chain 99
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGz2bkL6-p1YMqwnmewTaVU&google_cver=1&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSy_pKWsgjGe0dzIm0NN9qfM0XM6nRHP6ngqcr2FMtESYJV9k2qxfnQq5W2AusapFHItPgyfnNphrZoJ_QE8hXAW7OkpONM-O8
Request Chain 104
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHRSERchoZbu-AYG8gAPPxZmYDse74fxy9-qjnvkKro-4vdQ2EAEg08HMY2CV4pCCoAegAbSqyO8DyAEJqQI-vRN07VSyPqgDAcgDywSqBNgBT9AA8aHYCNvXgN2HzVF5FchB1jcaboG-AUDW4vJvEHjD51U4fgzE_ekJla1MHRZbml_IH_RbG6NJPisWpQ9nRisXkQNFRdVw0kWzpFN47zwI2hGmfZKEJQ8V-iM9u2lFeqlJRMVEY86suR71gwBI5ziH4ID41BY3Gs5dkeMb_Ql43yrpI-MFA1cyxmh1V2onnv4I2riVxJOX5TzdL9XR0WGCGyFctkz0n1rBzG6H7WytRT_Y-LyUO0cREwQyx9x5qQ-HEi_vfVboGluYrmLRLeL83giAZs_8wAS5ssq55AKIBcisi-EikgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7TVtxCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCF1gTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIu39M6h7IIDmgkYaHR0cHM6Ly93d3cubGVuc2F0aW9uLmRlgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArgT5APYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNzQ0MTkzNDExNjE3NjI3MRgA&sigh=B5f5QpIQgno&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNG0fK0i4_PmyQ-0Mbx9TGGDlJcK4fPI5XzoES8EHeSuzePg3kfI-rIpzb80rxQ1Ay4vIPboJ6GAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213451901054381312762%22,%22debug_reporting%22:true,%22destination%22:%22https://lensation.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221039275316%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214946261242886804097%22}&andc=true

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leiloesfinancas.com/
11 KB
11 KB
Document
General
Full URL
http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
939c781c4dc90a51b8de213be6f4217b0fed3def8412881ee7f82241a86953cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Length
10789
Content-Type
text/html
Date
Thu, 30 Nov 2023 17:37:07 GMT
ETag
"5ac4f204-2a25"
Last-Modified
Wed, 04 Apr 2018 15:40:52 GMT
Server
nginx/1.12.2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
55 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caabf67518fb946b780b8c2992984609f2d037576fa7b8744cf5c7de2ce063d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
55970
X-XSS-Protection
0
Server
cafe
ETag
12499261533008328120
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Thu, 30 Nov 2023 17:37:07 GMT
bootstrap.css
leiloesfinancas.com/css/
138 KB
139 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/css/bootstrap.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-22936"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
141622
font-awesome.css
leiloesfinancas.com/fonts/font-awesome/css/
28 KB
28 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:56 GMT
Server
nginx/1.12.2
ETag
"5abb796c-704b"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
28747
style.css
leiloesfinancas.com/css/
11 KB
11 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/css/style.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
179ee19005026bab9f69ce52fed225c15f846d5cb2ddd1b8ad04f1499e574d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-2bc8"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
11208
prettyPhoto.css
leiloesfinancas.com/css/
19 KB
20 KB
Stylesheet
General
Full URL
http://leiloesfinancas.com/css/prettyPhoto.css
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
c629de9ada89b5f68c65bcfcbcb3a229f135f36f903e73325b58a9a04c74ed07

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-4d2d"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
19757
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,700,800,600,300
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cd86c6340b87c80f3f60c6475619c1353eb3be682215500d67b78b3b935cd6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 30 Nov 2023 17:37:07 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 30 Nov 2023 17:37:07 GMT
modernizr.custom.js
leiloesfinancas.com/js/
0
0
Script
General
Full URL
http://leiloesfinancas.com/js/modernizr.custom.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Server
nginx/1.12.2
Connection
close
Content-Length
571
Content-Type
text/html
preloader.gif
leiloesfinancas.com/img/
4 KB
5 KB
Image
General
Full URL
http://leiloesfinancas.com/img/preloader.gif
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
3bf12b59b98704dce5fdfd3ded0cfcdfcabdee539dee8f000d272dfdd4c79a98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:55 GMT
Server
nginx/1.12.2
ETag
"5abb796b-11db"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
4571
about.jpg
leiloesfinancas.com/img/
47 KB
47 KB
Image
General
Full URL
http://leiloesfinancas.com/img/about.jpg
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
39a07fe6ddf174bdf8c183d589da8f435a802f2341db30e4711a058264ccd03e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-bca7"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
48295
jquery.1.11.1.js
leiloesfinancas.com/js/
94 KB
94 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.1.11.1.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-17629"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
95785
bootstrap.js
leiloesfinancas.com/js/
66 KB
66 KB
Script
General
Full URL
http://leiloesfinancas.com/js/bootstrap.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-107da"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
67546
SmoothScroll.js
leiloesfinancas.com/js/
13 KB
14 KB
Script
General
Full URL
http://leiloesfinancas.com/js/SmoothScroll.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
08d26d1914e042c874ab5b6fc8a857e73e9eb4180b63901570a3cacc1cf6e622

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-35e3"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
13795
jquery.prettyPhoto.js
leiloesfinancas.com/js/
22 KB
22 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.prettyPhoto.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-562c"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
22060
jquery.isotope.js
leiloesfinancas.com/js/
44 KB
44 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.isotope.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
9d50c5116670be904f9c68558b5e40a9a167b08d8565268f06c80843c9835e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-ae71"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
44657
jquery.parallax.js
leiloesfinancas.com/js/
2 KB
2 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jquery.parallax.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
800d1485b88577a6ff06c5af3e753433b52398c8e90d7f1e8d36f351e3995f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-723"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1827
jqBootstrapValidation.js
leiloesfinancas.com/js/
35 KB
36 KB
Script
General
Full URL
http://leiloesfinancas.com/js/jqBootstrapValidation.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
eb2978d7e1d56f151949778abaf673c6b0660aad3abc1e485b10e416894cb4d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-8d4b"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
36171
contact_me.js
leiloesfinancas.com/js/
3 KB
3 KB
Script
General
Full URL
http://leiloesfinancas.com/js/contact_me.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
a5a5a4bc8dc82bf80c23b9e98d6cee59a16a9197ef2d2ce25f9fa43a45dcc34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-b1c"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2844
main.js
leiloesfinancas.com/js/
3 KB
3 KB
Script
General
Full URL
http://leiloesfinancas.com/js/main.js
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
66d1e635446b81e17df574f071d835e5a46010434dac51077f16312c3e9b078e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-bdd"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3037
intro-bg.jpg
leiloesfinancas.com/img/
156 KB
156 KB
Image
General
Full URL
http://leiloesfinancas.com/img/intro-bg.jpg
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/css/style.css
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
a13d0c4daecdb4cfaf9875bc1e146bc11b72b483a12195cb536fdc485a7fbe84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-26e9e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
159390
services-bg.jpg
leiloesfinancas.com/img/
80 KB
81 KB
Image
General
Full URL
http://leiloesfinancas.com/img/services-bg.jpg
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/css/style.css
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
7adfdfe31d45a8e01a56b74eb9965a4a2135b317099bdc63c2e231d68fd65ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:54 GMT
Server
nginx/1.12.2
ETag
"5abb796a-1414b"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
82251
fontawesome-webfont.woff2
leiloesfinancas.com/fonts/font-awesome/fonts/
55 KB
56 KB
Font
General
Full URL
http://leiloesfinancas.com/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
http://leiloesfinancas.com/fonts/font-awesome/css/font-awesome.css
Origin
http://leiloesfinancas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:07 GMT
Last-Modified
Wed, 28 Mar 2018 11:15:56 GMT
Server
nginx/1.12.2
ETag
"5abb796c-ddcc"
Content-Type
application/octet-stream
Connection
close
Accept-Ranges
bytes
Content-Length
56780
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,700,800,600,300
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://leiloesfinancas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 15:44:13 GMT
X-Content-Type-Options
nosniff
Age
6774
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
48432
X-XSS-Protection
0
Last-Modified
Thu, 14 Sep 2023 00:40:31 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 29 Nov 2024 15:44:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
397 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b858da456434225d9e2c9e3b8b5cb3ea75fb7fd4d79f00aa4bda8756738376d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137282
x-xss-protection
0
server
cafe
etag
9728698683305809927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 7D72
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
86001
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 17:43:46 GMT
etag
12051592065903069241
expires
Wed, 13 Dec 2023 17:43:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 426A
236 KB
59 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&adk=2020088507&adf=637443794&lmt=1522856452&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701365827473&bpp=2&bdt=87&idt=194&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4203965407633&frm=20&pv=2&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b21c21346ca5a7c9ec1f1cf5a599ef300ec1bd4dacde285a17e59043c20c2339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
59889
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:08 GMT
expires
Thu, 30 Nov 2023 17:37:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
57 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 17:37:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
leiloes
195.201.124.227/LeiloesAPI/api.php/
47 KB
47 KB
XHR
General
Full URL
http://195.201.124.227/LeiloesAPI/api.php/leiloes?transform=1&filter=data_leilao,ge,2023/11/30
Requested by
Host: leiloesfinancas.com
URL: http://leiloesfinancas.com/
Protocol
HTTP/1.1
Server
195.201.124.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.227.124.201.195.clients.your-server.de
Software
nginx/1.12.2 / PHP/5.4.16
Resource Hash
f146ff6ac66c7849db6f35786ef6517a4e2e63a1c2dc8d8e74e3a9ba48c4f316

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 17:37:08 GMT
Server
nginx/1.12.2
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://leiloesfinancas.com
Access-Control-Allow-Credentials
true
Connection
close
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
401bb80801cb33885602cb55a76f4ba462d06b37e10ea8ae692a9f4f09cc8052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12286
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1eee861586ec33f0318d6604c3cbcf9879e2dd4f7705f58c1df4177af853d98f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55848
x-xss-protection
0
server
cafe
etag
7292660813532387720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:08 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3CAE
124 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8b1198c325007cee162dc6f3eb6c5b0194f35f073fdff938fe0e0465a11ac41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6408
122 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=2817713830&adf=538198256&pi=t.aa~a.904239823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
660748eda41a229748847270b9135bc58aea798a68e3cb34619715c047336c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42340
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F2B2
733 B
385 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=203374720&adf=3978676269&pi=t.aa~a.2674988853~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1140x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60b99f13fd4a5c1826fbc83dd8209f6c92c3fccf834238078e031f689d333738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC79
733 B
386 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=2896271574&pi=t.aa~a.1338058185~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=0&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280&nras=5&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db69ea4ed47f5e79aab92365cb35aa72ba4ce447100965c200795059d29bf4ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
361
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7044
733 B
383 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=3526253708&pi=t.aa~a.816752825~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1472&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1140x280%2C1200x280&nras=6&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
639c6bb2d4729d9196b06b310edf06fbe4bad998ce91c74e1283e76e3d1ed9d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leiloesfinancas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 17:37:09 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame E57E
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7441934116176271&plah=leiloesfinancas.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 00:30:42 GMT
etag
12051592065903069241
expires
Thu, 14 Dec 2023 00:30:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E57E
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:29:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57E
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options
nosniff
age
86905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 17:28:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57E
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:39:41 GMT
x-content-type-options
nosniff
age
82648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 18:39:41 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E57E
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
13232977368472197749
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E57E
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9188
x-xss-protection
0
server
cafe
etag
17726137969773036382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9B0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 13:31:48 GMT
expires
Fri, 29 Nov 2024 13:31:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B16D
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13a49ce9a4039220071f76fa220adc75ce8cc84064a952876401bff64c23a5a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aEubT6qd9Nd5xa56-bFFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://leiloesfinancas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aEubT6qd9Nd5xa56-bFFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 17:37:09 GMT
expires
Thu, 30 Nov 2023 17:37:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
pagead2.googlesyndication.com/bg/ Frame B9B0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
14720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15254
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 13:31:49 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame B440
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 14:04:29 GMT
7d372031074aa956156fdf66de49b945.js
www.gstatic.com/mysidia/ Frame B440
144 KB
53 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7d372031074aa956156fdf66de49b945.js?tag=video_mra/web_interstitial_raspberry_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122b116a6724299f61531803a1c77758b73d96c4b975e6bad3cf57a611693fa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54135
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 00:14:34 GMT
css
fonts.googleapis.com/ Frame B440
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:33:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
71030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame B440
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
71048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:10:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame B440
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:51:59 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B440
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:37:09 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame B440
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B16D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=932257012118522&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame B9B0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?P927Yw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
pagead2.googlesyndication.com/bg/ Frame CC57
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
227875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 02:19:14 GMT
css
fonts.googleapis.com/ Frame 3CAE
4 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:30:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 17:37:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
71030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:19 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13745123224176964170/ Frame 3CAE
174 KB
174 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13745123224176964170/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b006442e7c69aed587f4cb3a26f8831c0941dd7e291392f1e51cb36a8a61333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:16:55 GMT
x-content-type-options
nosniff
age
184814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177884
x-xss-protection
0
last-modified
Sun, 29 Oct 2023 08:17:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 14:16:55 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10345164013127454634/ Frame 3CAE
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10345164013127454634/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfdaac1471892b9227870749fb27101ec5a63f74d5ceb7c0d404a7fec1e7ccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 14:14:31 GMT
x-content-type-options
nosniff
age
98558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1218
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 10:50:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 14:14:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 3CAE
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
71048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3CAE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7441934116176271&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.3110896001~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1522856452&rafmt=1&to=qs&pwprc=6243586951&format=1200x280&url=http%3A%2F%2Fleiloesfinancas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701365828858&bpp=1&bdt=1471&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4203965407633&frm=20&pv=1&ga_vid=396724432.1701365828&ga_sid=1701365828&ga_hid=709858064&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079721%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=932257012118522&tmod=1531631626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:10:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 178E
1 KB
643 B
Document