creditosaibamais.com Open in urlscan Pro
2606:4700:3032::ac43:d552 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZjcmVkaXRvc2FpYmFtYWlzLmNvbSUyRmUtYm9sc2EtZmFtaW...
Effective URL:
https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Submission: On July 08 via manual (July 8th 2023, 10:37:05 am UTC) from BR — Scanned from DE

Summary HTTP 271 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 44 domains to perform 271 HTTP transactions. The main IP is 2606:4700:3032::ac43:d552, located in United States and belongs to CLOUDFLARENET, US. The main domain is creditosaibamais.com.
TLS certificate: Issued by E1 on June 11th 2023. Valid for: 3 months.

This is the only time creditosaibamais.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.225.185.243 3.225.185.243	14618 (AMAZON-AES) (AMAZON-AES)
43	2606:4700:303... 2606:4700:3032::ac43:d552	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:e00:a:e047:753:be1	() ()
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
30	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:440... 2606:4700:4400::6812:2a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
22	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 22	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:6e4d:34d1:c2b7:b436	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
3 5	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
4 4	3.123.134.248 3.123.134.248	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	54.76.252.247 54.76.252.247	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 2	34.248.166.228 34.248.166.228	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:25e... 2600:9000:25e8:2400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2600:9000:238... 2600:9000:238d:ae00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4282:9ade:a558:9541:9e8	14618 (AMAZON-AES) (AMAZON-AES)
1	13.42.188.208 13.42.188.208	16509 (AMAZON-02) (AMAZON-02)
271	53

1 3.225.185.243 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-185-243.compute-1.amazonaws.com

receitasninja.lt.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:4700:3032::ac43:d552 (United States)

ASN13335 (CLOUDFLARENET, US)

creditosaibamais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a69 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:6e4d:34d1:c2b7:b436 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.254 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.134.248 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-134-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.252.247 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-252-247.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.166.228 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-166-228.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:2400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:238d:ae00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4282:9ade:a558:9541:9e8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.188.208 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	creditosaibamais.com creditosaibamais.com	942 KB
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	372 KB
40	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	304 KB
30	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	966 B
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	346 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	100 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	400 KB
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	1 MB
10	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30069 ad4m.at — Cisco Umbrella Rank: 9754 assets.ad4m.at — Cisco Umbrella Rank: 41291	143 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 857	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	3 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388 rtb.openx.net — Cisco Umbrella Rank: 982	994 B
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623 www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	277 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 422	952 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2409	814 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 782	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	828 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	841 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 981	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4752	563 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169 partner.googleadservices.com — Cisco Umbrella Rank: 1129	3 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8567 prism.app-us1.com — Cisco Umbrella Rank: 8653	8 KB
2	joinads.me script.joinads.me — Cisco Umbrella Rank: 549203	2 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	441 B
1	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 148578	103 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 922	75 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8875	315 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
1	acemlna.com 1 redirects receitasninja.lt.acemlna.com	272 B
271	44

	Domain	Requested by
43	creditosaibamais.com	creditosaibamais.com
30	www.facebook.com	creditosaibamais.com
22	cm.g.doubleclick.net	5 redirects 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com creditosaibamais.com googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	creditosaibamais.com pagead2.googlesyndication.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
18	s0.2mdn.net	creditosaibamais.com s0.2mdn.net
17	tpc.googlesyndication.com	creditosaibamais.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
11	connect.facebook.net	creditosaibamais.com connect.facebook.net
9	securepubads.g.doubleclick.net	creditosaibamais.com securepubads.g.doubleclick.net 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
8	dt.adsafeprotected.com	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com creditosaibamais.com
8	www.gstatic.com	creditosaibamais.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com script.joinads.me
7	www.google.com	1 redirects creditosaibamais.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	onetag-sys.com	3 redirects creditosaibamais.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
5	fonts.googleapis.com	creditosaibamais.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	as.ad4m.at	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	creditosaibamais.com www.googletagmanager.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	creditosaibamais.com 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
2	assets.ad4m.at	as.ad4m.at
2	static.adsafeprotected.com	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	creditosaibamais.com
2	eb2.3lift.com	2 redirects
2	fw.adsafeprotected.com	1 redirects creditosaibamais.com
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	cms.quantserve.com	1 redirects 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	um.simpli.fi	2 redirects
2	a.tribalfusion.com	1 redirects 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects creditosaibamais.com
2	www.google.de	creditosaibamais.com
2	region1.google-analytics.com	www.googletagmanager.com
2	script.joinads.me	creditosaibamais.com script.joinads.me
1	track.webgains.com	as.ad4m.at
1	secure.adnxs.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	prod-rtb.ad4mat.net	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
1	rtb.openx.net	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
1	ups.analytics.yahoo.com	6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	creditosaibamais.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	mug.criteo.com	creditosaibamais.com
1	id5-sync.com	cdn.id5-sync.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	diffuser-cdn.app-us1.com	creditosaibamais.com
1	receitasninja.lt.acemlna.com	1 redirects
271	66

This site contains no links.

Subject Issuer	Validity	Valid
creditosaibamais.com E1	`2023-06-11` - `2023-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
joinads.me E1	`2023-06-17` - `2023-09-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-16` - `2023-07-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
prism.app-us1.com E1	`2023-05-29` - `2023-08-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Frame ID: 7E2BF4416B181462AAEA153B544C7C49
Requests: 136 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html
Frame ID: 0BC6B7DB4888617941D02CF92DFDDD5B
Requests: 1 HTTP requests in this frame

Frame: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7999323BE778682B51AC2211B5732621
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3685392670532966&output=html&adk=1812271804&adf=3025194257&lmt=1688735075&plat=1%3A64%2C2%3A64%2C8%3A64%2C9%3A32776%2C11%3A64%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688812617830&bpp=4&bdt=1188&idt=254&shv=r20230705&mjsv=m202307050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7312488710459&frm=20&pv=2&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075823%2C31075873%2C44772268%2C44788441&oid=2&pvsid=2755011246747470&tmod=1626526380&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276
Frame ID: 65104CD9659EA706B99050EE38A1532E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=creditosaibamais.com
Frame ID: 8DD670FEFD0A92A72778701E15C0995A
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1EAE0C181B21E1DD40CF21A8062C85DA
Requests: 1 HTTP requests in this frame

Frame: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5061B684715A7EA67930864C86B057D9
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 7904FF41A6A62666038435796C26FBD1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3087EC87C0EE3CC72D39C54435E14A67
Requests: 9 HTTP requests in this frame

Frame: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB7E3E6994CD5C69B7B95D0D78C59996
Requests: 30 HTTP requests in this frame

Frame: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1B7D1D96F2ACACE44C82F629A0B5962
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNXjikwgjYB1ABiiThFViP6f9oUsGcxu6T-aWGbphrvjfhEJjNJhMwLN4aWsyUH24gi6-wrAjj3-QcnNZaR5tePz-KuBqBq7OxUQ9LOMF-3vCOFiGyvZa97ROI-w9zjQqihnU5p46f0rbp1bgkbOmPymM9RF-k_l9aLiqFr203Xe2S7_Yq4
Frame ID: 6FFE35FADA82096899FC5ECFEB14F424
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D
Frame ID: 7BDAAACA5045FF81EA40ED60C6DD5D53
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40D2E0594BFF2F01011B6CD4E1EC1638
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: E65C68920588482133F9407775CB2103
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6F839DAC557659C6C68B6917EBFF008D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 59E74A1B1A76F28215C02A0447DD4D6B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F86705B677BBFBD7BD008FF30505A15
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 7F95CE442E0CA3B6CACE55987F53E8CF
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
Frame ID: 25931AF377DD08B21C9BAAC9851095B5
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AD32CCC6A1F38B03EE634D620D25F8DD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0
Frame ID: A8BB8378DBD05FCFE9F0CBDC2FEF669A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5802B00397547EFFB9AD46D7F61254E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9544F0AC2D7A403B445A13946641CCC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-bolsa-familia-150 – Saiba Mais

Page URL History Show full URLs

https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZjcmVkaXRvc2FpYmFtYWlzLmNvbS... HTTP 302
https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_activ... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

271
Requests

91 %
HTTPS

62 %
IPv6

44
Domains

66
Subdomains

53
IPs

9
Countries

4389 kB
Transfer

12076 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZjcmVkaXRvc2FpYmFtYWlzLmNvbSUyRmUtYm9sc2EtZmFtaWxpYS0xNTAlMkYlM0Z1dG1fc291cmNlJTNEYWN0aXZlJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNEM19hY3RpdmVfZW1haWxfOTY5&sig=HASpRpHqFKPetFRzd4JkmCdNb7nQwB6ByCwU7d47hoRf&iat=1688487418&a=%7C%7C254169999%7C%7C&account=receitasninja.activehosted.com&email=e7%2B5hlpSBRGR2PLy6bSsrkqtynpPzU7mFAg5IdeQJYmqArHA8CG60Q%3D%3D%3Ai9CAmv7pzcGu1y6UR9cDXEpwYP%2BB9O57&s=9c5abcf148f2c227467e0666b5583868&i=1926A1924A1A6572 HTTP 302
https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&gtm_ee=1&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=STypZOLvONmh7_UPp-eB6AI&sscte=1&crd=&pscrd=Ek5DaEVJOEpLa3BRWVFsZjc1aUpDZnY3T3FBUklsQUZxQVhsa1R2MFdsTDYyTDlWMmM0ZUlRSk5zMGJYN2ZqUXQ0dm9MbnljOFpJd2xmMncaV0NoQUk4SktrcFFZUV9jcmd2dDNpdjZCWEVpMEFxZHZDN2NOWEhwcng5aV9TemJSMXVDazBuS3dNLW80empsYjhaRUVrQVF1ay1ETzR6VF9LOGNOWkVwZyITCKK4vKH1_v8CFdnQuwgdp3MALQ HTTP 302
https://www.google.com/pagead/1p-conversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&gtm_ee=1&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpLa3BRWVFsZjc1aUpDZnY3T3FBUklsQUZxQVhsa1R2MFdsTDYyTDlWMmM0ZUlRSk5zMGJYN2ZqUXQ0dm9MbnljOFpJd2xmMncaV0NoQUk4SktrcFFZUV9jcmd2dDNpdjZCWEVpMEFxZHZDN2NOWEhwcng5aV9TemJSMXVDazBuS3dNLW80empsYjhaRUVrQVF1ay1ETzR6VF9LOGNOWkVwZyITCKK4vKH1_v8CFdnQuwgdp3MALQ&is_vtc=1&ocp_id=STypZOLvONmh7_UPp-eB6AI&cid=CAQSKQBygQiDF5UF2AhWorco2cuU7f0gGOM1_ifEyKILNbtWQAJH3wSqThgn&random=925791646 HTTP 302
https://www.google.de/pagead/1p-conversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&gtm_ee=1&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpLa3BRWVFsZjc1aUpDZnY3T3FBUklsQUZxQVhsa1R2MFdsTDYyTDlWMmM0ZUlRSk5zMGJYN2ZqUXQ0dm9MbnljOFpJd2xmMncaV0NoQUk4SktrcFFZUV9jcmd2dDNpdjZCWEVpMEFxZHZDN2NOWEhwcng5aV9TemJSMXVDazBuS3dNLW80empsYjhaRUVrQVF1ay1ETzR6VF9LOGNOWkVwZyITCKK4vKH1_v8CFdnQuwgdp3MALQ&is_vtc=1&ocp_id=STypZOLvONmh7_UPp-eB6AI&cid=CAQSKQBygQiDF5UF2AhWorco2cuU7f0gGOM1_ifEyKILNbtWQAJH3wSqThgn&random=925791646&ipr=y

Request Chain 84

https://oajs.openx.net/esp?url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rid=esp&cc=1

Request Chain 89

https://gum.criteo.com/sid/json?origin=publishertagids&domain=creditosaibamais.com&sn=ChromeSyncframe&so=0&topUrl=creditosaibamais.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=yO-J-3xjcVlUSFVnNWx2eUExL1hjVjM1R0dGLzJXOTZyUWtsM2VpOHU0UUtIaE45eTAxVS95N3RwUFA5QmlvRkFsQ1dMK2pscFg3Z1htUjMwbXZqYlowbTBWQld4VFZ4cXFibWR4bmV0bytOMWM3dlpEZG5jTFpRbEVaU1VZdmZtTjBRbWRJU1d1U3M4ZnlXWmhRNVloSi9oOSs4MFJkb05xclNPZXBpVjJlR0gxaDhBQ3pwZTNOODd0ZWttNUFnTDNkVmtiTUNEM2VTT0p6dXltVDE5dWhmVjN6ZnFsSE8vTFJIUW1wSi82eURIcTZZbVA2Y0NzcHRPNFU2N0hDOXRpZWFZVU0weGUrU0tFY3pNTkZ3UEdJOTlwandLRXZzQ3RZNmllekdxakwvTC9sST18&cppv=2

Request Chain 111

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKJmWYejcfQSlMn6t4oBDug&google_cver=1&google_push=AaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJmWYejcfQSlMn6t4oBDug&google_cver=1&google_push=AaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 112

https://um.simpli.fi/gp_match?google_gid=CAESENJ9USIytaR-kw81DCCyYtA&google_cver=1&google_push=AaAOQGFgeRwU4nHDZIvEbnfUUzepdeAyqJ-rvgdtApWi9f48Bud6RJBZTgduNErk2P-GKlDMIDBU_aKGfTrYVb909dcRqQzR1fmj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFgeRwU4nHDZIvEbnfUUzepdeAyqJ-rvgdtApWi9f48Bud6RJBZTgduNErk2P-GKlDMIDBU_aKGfTrYVb909dcRqQzR1fmj

Request Chain 113

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENO9_A6c-4vW3q3cjhcp7hI&google_cver=1&google_push=AaAOQGG3j98T6vXJUfNP9ckXqCuux6rWTUVTpNdiAMkRd2SUYO-ivLJ4OYebMBSZoFF_mbkbI8Bqs7zQGNRCD2apb7ZWV3JRDE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG3j98T6vXJUfNP9ckXqCuux6rWTUVTpNdiAMkRd2SUYO-ivLJ4OYebMBSZoFF_mbkbI8Bqs7zQGNRCD2apb7ZWV3JRDE0&google_hm=eS1ZUmxXM0wxRTJwR2VhVmtXdFZxRTJrQUNEZVBFSzdJRH5B

Request Chain 114

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAP-eB8oyLe8yrMVh4uAZ-I&google_cver=1&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-SEQSbUrph-cizQteUTIoXw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAP-eB8oyLe8yrMVh4uAZ-I&google_cver=1&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-SEQSbUrph-cizQteUTIoXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNDYyNDg0Mjg2NTU1MjE2Ng&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-SEQSbUrph-cizQteUTIoXw

Request Chain 115

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKpeMhFU6QLnYQbN-OfRwt4&google_cver=1&google_push=AaAOQGEu6cck7gRxUAm5hF0yF1F-45Tk5oNVS017LY5bp9GFtg9h_ss_omamO7bBHSB9OjLqsDNdY__-BITzPh_yCdOP2ShGd98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEu6cck7gRxUAm5hF0yF1F-45Tk5oNVS017LY5bp9GFtg9h_ss_omamO7bBHSB9OjLqsDNdY__-BITzPh_yCdOP2ShGd98

Request Chain 117

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKpeMhFU6QLnYQbN-OfRwt4&google_cver=1&google_push=AaAOQGHUfbYrv_tPiy9_UVCyCCp5zghVPXsSrd6-0vZLNld_DRMxsMFC_LgsqPs86ZrWGZ0JQAnskDK78yMa0_xHXR7pVeA2N0czfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHUfbYrv_tPiy9_UVCyCCp5zghVPXsSrd6-0vZLNld_DRMxsMFC_LgsqPs86ZrWGZ0JQAnskDK78yMa0_xHXR7pVeA2N0czfw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKk8SsACxoED4bg.EufmyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1&google_hm=2

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJtEuEvyQ5v20LpBEILmeEc&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D

Request Chain 146

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDebJxwvjvJlPXEmQu1cNCM&google_cver=1&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDebJxwvjvJlPXEmQu1cNCM&google_cver=1&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19&google_hm=SInYsIrCQpqndhgN6NWG3w==

Request Chain 148

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAPjuCZKKfGQl2MQmxucAoc&google_cver=1&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm29RPyhvGV3A HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAPjuCZKKfGQl2MQmxucAoc&google_cver=1&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm29RPyhvGV3A&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm29RPyhvGV3A&google_hm=G8h8vGZHEW6OMcotQJ2a5key

Request Chain 149

https://match.360yield.com/match/ebda?google_gid=CAESEEGJaXUwVUR8WY2mSrkLb4g&google_cver=1&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0G_5LbMdbwNvAUQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEGJaXUwVUR8WY2mSrkLb4g&google_cver=1&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0G_5LbMdbwNvAUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_ZFUkazOQKmMVidb5GTsgA&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0G_5LbMdbwNvAUQ

Request Chain 151

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOLj5lNxprmT9TqsZVipSsk&google_cver=1&google_push=AaAOQGHCz53wyawPeStcU4a-4U5G0FxITfLTR3lGXk0L0h21k2Hy20VNLxloFUMgyiyrrXj-59b1eax5-Vez0JBFLQUwjtwMaEXXFw HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOLj5lNxprmT9TqsZVipSsk&google_cver=1&google_push=AaAOQGHCz53wyawPeStcU4a-4U5G0FxITfLTR3lGXk0L0h21k2Hy20VNLxloFUMgyiyrrXj-59b1eax5-Vez0JBFLQUwjtwMaEXXFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4889d8b0-8ac2-429a-a776-180de8d586df&%%GOOGLE_PUSH_PAIR%%

Request Chain 164

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKxndtno8_YiP0nSOxu9Cq8&google_cver=1&google_push=AaAOQGGUIM2VqNv_GqGyU4LI947F9gEKJgvRs6wD4ZbJLGkUP6EQk9BYoczxXXvjUnneuVD-WUguxNLr_qCEZuRXOyVjYu3LhtAo HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGUIM2VqNv_GqGyU4LI947F9gEKJgvRs6wD4ZbJLGkUP6EQk9BYoczxXXvjUnneuVD-WUguxNLr_qCEZuRXOyVjYu3LhtAo&google_hm=IvpHx9WEF8Q2fXKYkTOMSw

Request Chain 166

https://um.simpli.fi/gp_match?google_gid=CAESENoAAqahJHsM9ZydPrBscK4&google_cver=1&google_push=AaAOQGFZcIRnPL3HkslMH3gfMyiiqstX2DKLy8e9oGFI0oQc6MwOpLzoeEksKl1WEzd4FSgcJIo5TO-pxGD0Hi7r6OPAKujOhgHB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFZcIRnPL3HkslMH3gfMyiiqstX2DKLy8e9oGFI0oQc6MwOpLzoeEksKl1WEzd4FSgcJIo5TO-pxGD0Hi7r6OPAKujOhgHB

Request Chain 167

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBdovT1IRkNUirZyKfaKT7g&google_cver=1&google_push=AaAOQGHA5FpL0lQCFTtfZBou46lQzKlza_3XSRnUMQeINl1rr6lqgLdrEmCEwSqCrQxXO-J7YhP6e2Ts9Dn3QREJkJr-EFXcGp03 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHA5FpL0lQCFTtfZBou46lQzKlza_3XSRnUMQeINl1rr6lqgLdrEmCEwSqCrQxXO-J7YhP6e2Ts9Dn3QREJkJr-EFXcGp03

Request Chain 168

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIUvkVIe1F6lYYO9bXfjxpA&google_cver=1&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128l HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128l&google_gid=CAESEIUvkVIe1F6lYYO9bXfjxpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg1MjAyMjE5ODA4MTY1MzY2OTM5MA%3D%3D&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128l

Request Chain 169

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOXo29bIiA6542l3lrc7M0I&google_cver=1&google_push=AaAOQGGlV4WwwWCqUEq_4vRfmIrHaP1crk8PZibs7l2AW6Ijo0f6tFgMwjGNNiiEX60OCEy2PiQOX8Ai78lp2n_fJ45ZRtFIYDwzEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGlV4WwwWCqUEq_4vRfmIrHaP1crk8PZibs7l2AW6Ijo0f6tFgMwjGNNiiEX60OCEy2PiQOX8Ai78lp2n_fJ45ZRtFIYDwzEw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 170

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBEDPh-4TM8-yUO0VepuiV8&google_cver=1&google_push=AaAOQGEnJQ8YDckQBiGMvk3w8GkzSnoLmLzqaceUrmexnoIr3p75kPqWt-tXizrvzdPG4d4HExhFV2QaOkC8OOfr0CGxwaMCaZePAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D&google_gid=CAESEBEDPh-4TM8-yUO0VepuiV8&google_cver=1&google_push=AaAOQGEnJQ8YDckQBiGMvk3w8GkzSnoLmLzqaceUrmexnoIr3p75kPqWt-tXizrvzdPG4d4HExhFV2QaOkC8OOfr0CGxwaMCaZePAQ

Request Chain 191

https://fw.adsafeprotected.com/rfw/st/1450266/71191499/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012305835&ias_pubId=pub-4894209870857905&ias_chanId=1&ias_placementId=20240023183&bidurl=https://creditosaibamais.com/e-bolsa-familia-150/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0g8QRIhkGZmGRp4Atz93h7d&adContainerId=brand_safety_SzypZPZny7rH8A-IvKDoBw&cbFunctionName=goog_wrapCb_SzypZPZny7rH8A-IvKDoBw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcreditosaibamais.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcreditosaibamais.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a250891c-19c3-4e49-f9ee-a48adc587b06,c:hLRaWk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-hz8gv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:5e1fa95b-1d7b-11ee-a2cc-5af24bc0d4de,v:19.8.425,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SzypZPZny7rH8A-IvKDoBw&cbFunctionName=goog_wrapCb_SzypZPZny7rH8A-IvKDoBw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

271 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
creditosaibamais.com/e-bolsa-familia-150/
Redirect Chain

https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZjcmVkaXRvc2FpYmFtYWlzLmNvbSUyRmUtYm9sc2EtZmFtaWxpYS0xNTAlMkYlM0Z1dG1fc291cmNlJTNEYWN0aXZlJTI2dXRtX21lZGl1bSUzRG...
https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

55 KB
13 KB

819ms
775ms

Document
text/html

2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef724d37a188f24ad7c5992d8a1360f011fb2a460567f290079c6c4949c78ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e37b0612d122ba2-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 10:36:56 GMT
last-modified: Fri, 07 Jul 2023 13:04:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kiUNpMNYiB%2B7tfCQQ0CD8CeNh8sM5ju8DjFCJc9P8bNTOsU0vqAs8G7kiJbXJGDdjc5v6GjtHLPMsrRAgj42gw887KxzQHIPmPar5jhTdU5DyujCLIWioAnB8pHlvG2R3g1nu%2BKs8oJ%2FxTqtFdxWmA7UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

content-length: 0
content-type: application/json
date: Sat, 08 Jul 2023 10:36:55 GMT
location: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
x-amz-apigw-id: HvZbPG_qoAMFxkg=
x-amzn-requestid: 007416f9-908b-46bc-bf73-5d70095d9f58
x-amzn-trace-id: Root=1-64a93c47-13fefb8a71b14ce602db7b4f;Sampled=0;lineage=12ce62b2:0

GET
H2 200 style.min.css
creditosaibamais.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 29ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"640a784d-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiWb04cqz4g0%2FEo%2FJmhoA%2Baofsjh4LLLFUpz%2FHY2u8wSAV2y5VPEc0ASMH%2FMxHVIvu50Hxfh%2Bm2fRm9Tc8sgeYItzubtbO3u3l0rquVg8sSsv1nAMc7gyMha3urkobndqZjMpjocD0Y5oj2tVxi%2Bu7%2Fruw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661bc02ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 classic-themes.min.css
creditosaibamais.com/wp-includes/css/ 291 B
543 B 30ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"63eaa28b-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ3IAdNo3PMjEKadQ2oNcGj4ueW%2B1H%2BbkNrANCjJ9s6u3JV1YAVGkBtd1qpzM9URQ46PSY70mrJejSpF1NoqoS2oxg9fQoy6QL2m4%2B6ZypPeZYih9w0S%2B%2Fwxn02bITS1Adq3Jz7ajWlZ%2BrPItlPEFWxZTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661bd42ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 styles.css
creditosaibamais.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 631ms
623ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716dd-b2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xZPGijWmbrR%2FtmMAgMalXY77XNwaHKCjQmPhYIe50pMp6AE5CpdIArRyOLlHWTIGGVIuU6kRxP%2FCechlAb4zeI1s4%2FRB%2FcwMQNew40eOMfLy2wecAkLkC%2F0te4LA655mGcePyFSKjMUxpkM%2BmZctKBbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661bd72ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 65ms
24ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51c358915e20690e52764d3ff8c3e41215e302fb12768326ab21df4a7de04488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 10:36:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 10:36:56 GMT

GET
H2 200 font-awesome.min.css
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 794ms
786ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716d4-7917"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN72Gl7M4uiJt000JiUh1jB97Ej%2BJEPxr%2B2ZnU%2BZ%2FdcNSP5sL%2B3FszSqILbypmUgnZnygYtqC8s121low5hbZKHvLu%2FGKLesQlvXJeMtyOtv7AAMW3zEUdBfx%2B8MPnVkKZIvYEMsMf0j9Xu8uj88cYpSrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661bd82ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 style.css
creditosaibamais.com/wp-content/themes/tema2/ 59 KB
10 KB 1018ms
1010ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/themes/tema2/style.css?ver=0.1.3
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3199c60c8b2fce672c86cc24ba032d20cd2d43763ee33e5c4c281c99dbda31ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716e5-edb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9f86%2FgTynk71TyNRiBQFpxbJ6OAEtKGIVw2Uwl3M3sESlinli%2FSXqPWjsKNk3WKA27aaMBtiREsvI8n3IU1qdqdK2WXiQdzVG2k%2Fplj8nRyTMVIAkUICvzzv7R2wwvCAe55n%2BR84x8aBA0yxWTuFXBm4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661bdb2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 elementor-icons.min.css
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 30ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d4-4bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moLLR6lLDutoGZgWX2lOZ64ajZnlkLu9EvjdvBeU7E0%2FOySSuxER7ksleVBkHQF9oObYv%2BgRJJ%2BqdI0pzftXUi8a4wIigefmjPzCQxc37l3ezL%2BewqUdVlm%2BEq2ifcHr9SPOh5IQIxG%2FP1alJk%2Fd3EJRbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661bde2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 frontend-legacy.min.css
creditosaibamais.com/wp-content/plugins/elementor/assets/css/ 10 KB
1021 B 633ms
625ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e494faa2368bc0fadfedc1197aca7b4f6d3755ce61d812b789bd5ffb333a2b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716d4-26c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvsXficUGHiqdHtbv%2Fh6cKWdxU83f1NonOexCScOLRN2i%2F4LqGmsJKDyGiQ44GdOa6EF%2F8LHjfj%2Fb3W4ItrYeZcjH4WmlxEYqRsCQr0AGHXEynxOMFn2EQaedJf78o6GsNc8sMrNgjZ0EeLN3HRuqR05Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661be12ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 frontend.min.css
creditosaibamais.com/wp-content/plugins/elementor/assets/css/ 132 KB
17 KB 37ms
29ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b375f98eb05c2d1eff2490f6dcad5886bc1a383d592549cfd0359d41f7a6d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d4-20f9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRJaknq5qN5wl8jGxzUkM3XkJD%2FAXrJY4XyIppvJ1uFi7yorzBwlWtrt7LTIEkHt3H9PA%2Bl4lbcs01jXpMFMwDGGwbZprSuoOTYAUO5MLbN3y9Fu2mB6HOzYSGXoG1cETszMTBib1VbXldBGememYaRC0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661be42ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 swiper.min.css
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 29ms
21ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d3-324c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uBRYmTwMzTn9mO2fVebEyC1OjkZhNDADPJEHvmsZ2B0tCTLSx0guJxMyhoTotS9e5QCtQTVtQYU%2BXbb%2B4WD%2BSj3bI3B%2B%2BneoSQiTyNisHQszymLzRPII79BprpBVHpAtv0N3087qMDYSO6HtEYKPMv2eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661be62ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 post-4.css
creditosaibamais.com/wp-content/uploads/elementor/css/ 1 KB
829 B 43ms
36ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/uploads/elementor/css/post-4.css?ver=1687623427
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1509a76ee52712d4cfd3621e11e65c1d10e7b7e59e336d90e8f63b6d5e52d363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:17:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"64971703-50c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bj%2F%2FgZ2LQ1OJXVM%2FUj4SF0wLdOZ%2F7NP9ECZWm6T12P%2B7u8h2XIHRQMcjDtwFgS6BDX4kzXc1maRXv6UR98vepuSYd4xuFoUu1pAg3N4QIxETmT80rlGK8bpfS7mGzQ9IgO6IpQwka%2BxaOOrsgnkiWQQog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0661be92ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 frontend.min.css
creditosaibamais.com/wp-content/plugins/elementor-pro/assets/css/ 432 KB
40 KB 48ms
41ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.13.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040d7ede7bb6e88d81c1a97598b88795be77ce061fa9bbc3829bc1c4f50aadea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716da-6be3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwSbtD%2Fs%2BZFoPZ77exeuEUi9hkQpujn8PPs%2BCNY7aJebjJcYBYpF3l8WFKqaOWG4zU61BhPNgELgJx9U1y%2FrfVHT4fG8irdrJvS1QZEEU3fyNDEXe1hv6OTeCcsjV2eRN4%2BnyJ%2FvvhW3r42PGmlKs1iCFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0662bfe2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 global.css
creditosaibamais.com/wp-content/uploads/elementor/css/ 39 KB
3 KB 802ms
794ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/uploads/elementor/css/global.css?ver=1687623427
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9603078d83691c1cc2badd9655952460d4fcd62d78966655a00ad9eecb3eb016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:17:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64971703-9d0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypHqJkc5nD5oMBFqGb7XmRtxVaD2Hq6672Z%2FP1XK9xJRMQBAqMgJJ2ixN5Vo6f8cO4KZxUL43OcWZl8uqx7KuNo%2B94vevB9FZs%2BTTIv2vwNGpb3juLjBGHM1ZvOWHWwzoLBMLEiOvXgLn76s2sMTAR3onw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0662c002ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 post-7002.css
creditosaibamais.com/wp-content/uploads/elementor/css/ 3 KB
754 B 645ms
638ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/uploads/elementor/css/post-7002.css?ver=1687641099
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a414dafb5f5d16ce04fe5618c86bf9485acadc4a215885716169fe972e3bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 21:11:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64975c0b-d58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uObirgk66pV6nQf4sJRJsDJjJXOp6bjE0MArAUUExcbIfeB6uOekPZOA%2FQ%2FcuADHyo1JIo8a%2BKjTcndszIG%2B2YoDXksk%2Br8oEawXwrDOHnHDW7t%2FYvWhr1vnEErtgSSLexq4oDaw2sG7no41G8lW24tCXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0662c022ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2.2

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af56f9a97ba9853d88e0dc672d67e32e3ff2f829df312625ef64a878f8632cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 09:10:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 10:36:56 GMT

GET
H2 200 jquery.min.js Show response
creditosaibamais.com/wp-includes/js/jquery/ 88 KB
31 KB 35ms
28ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"6408d5ed-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH%2F7U6N5%2FdR8HGw9dKr%2F8ix1k1Zg%2FPdS%2BvHNhsbKSXjvDrQhudBHUTNiHUDeSHweKqJhH80%2B%2F3avX6EL7xjDmUlY7xzRAWeqmuPIue6ebRrntJRLz2zQlHA%2B6wETcszyzCNkeva3zlU9jD8lXufzEp7LSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c072ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 jquery-migrate.min.js Show response
creditosaibamais.com/wp-includes/js/jquery/ 13 KB
5 KB 30ms
23ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"63e16a23-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MfDAyTmNlUavL65klWWI84tXucBximmiyOBSRCChrXS5HmRtrlk7DKZPVq1ubTbOQfg9Mezh6NoQ3vhelZSVQpuTSB6hqwLHQxLfAwKMau1mG0pgbt1ONeHB67XCHql5MOv99l5fzIM2MYznuVaNmWEpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c092ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 classie.js Show response
creditosaibamais.com/wp-content/themes/tema2/assets/js/ 2 KB
1 KB 41ms
35ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/themes/tema2/assets/js/classie.js?ver=1
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b47c4996ccab3caa2140b473cbdaa5b98b9ea58c1936d51e6b565b0f57730ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716e5-8a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQVSrHjLiwKTNti1xt8XzakxlqyEl0%2BuaTZY6FhJ0vY7126g18X1%2B6OJR3Q9jmnz0%2B9V2TCjGlu6Y4033hk40ASjav8TOtIBpSXQcfmX4KbbAGH1uJCpmr8%2FigNhFOboZNmSRIi4mK020PJCHfpFuAn1jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c0b2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 134ms
94ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

117fea0ee3b56808ae9733aa6388ce7b52cb360203fd7c9356a4588d55b52857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26085
x-xss-protection: 0
server: cafe
etag: 859 / 19546 / m202306290101 / config-hash: 12381638052069933206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:57 GMT

GET
H2 200 push-notification.js Show response
script.joinads.me/ 1 KB
829 B 50ms
13ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/push-notification.js
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76811
cf-polished: origSize=1350
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Apr 2021 12:59:38 GMT
server: cloudflare
etag: W/"6065c3ba-546"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9eEknTFUaBYW345K8FF%2B%2F6uW%2BQDvRrEvsW%2FLZqUBqpUJXUiTw746OWY832zHi4PPTlFxg%2FjIvQuej1EPPYLNB%2B4SYsk3Z37v8PKof1ZDKJ4TG7ORpWF%2BNcU%2FTepP6twRgsa8KwTXDaDT%2FLwb8Fpsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0664e1d9bce-FRA
expires: Mon, 01 Jul 2024 13:16:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 98ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3685392670532966

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45560b2075c130b29313a3690169de8ad3d8fc12d60387af995c955377173ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Origin: https://creditosaibamais.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50394
x-xss-protection: 0
server: cafe
etag: 7252871359228665618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 69ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb5b0948893ab59c70aa1a32e7528de652ad93c43859015a990ef2c334d8d6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71104
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Jul 2023 10:36:57 GMT

GET
H2 200 animations.min.css
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 30ms
23ms Stylesheet
text/css 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d3-4824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnIEit3ZP7wrbRRFfORfbqaYUsMChzB5vjgl%2F%2Fhj%2BbUfAcJMYblXJOnBrNoGC9cBgCgPn41nY%2F7Wd9DS9HoLcfJHAGuTFkkIJl%2B2%2Fs7256iDul4Qpo4JuQup%2FAGlfEbpoqu%2FhqYnPDF%2BhVvHydFwgRUJmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e37b0662c042ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 index.js Show response
creditosaibamais.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 31ms
25ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716dd-2801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC5QFOIPrKnzYQdFK7pcqpsJ0zZKpf5Nzu%2B15l7auSi5%2F1GjsEqZYLqzf8QoJAGYahniHBEu1lQYMJOLnhXUJpVGaoipIf3ZiOuB%2BSbYMaNtRHahN3amjXb1fAHIN24oeKsSzUZ4hmZHnWSt5zXCV%2Fp8Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c0d2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 index.js Show response
creditosaibamais.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 646ms
640ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716dd-328f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVWZOiWoVP5gipFeUQy18izwoFKV346YugLD5W24ilXWBg3B4blqqTKSDTjRr7bx%2BF1Z3OumUhdI6cGQHjvAV0q7I1hHCKr1MoNkewikoTxGjkKnqV0GSp5DWowzUMFM8x9cPNxH49eysvhvc5XRucq0aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c112ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 slick.js Show response
creditosaibamais.com/wp-content/themes/tema2/assets/js/ 87 KB
15 KB 42ms
36ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/themes/tema2/assets/js/slick.js?ver=0.1.3
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1188460bd909dd436072c59c51e4599eda9e98d99eae9b554f49b38f37e9d7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 201262
etag: W/"649716e5-15d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv%2Bbj%2BqxO%2B0staEyHgXf9eZAkO8Pn%2FTK%2BuZZdBYYYJQlauyi4XJ2WFQZf6aECfKd846N4z1eh2CoTWPjexRzbNqFCSmHq4pFFqdi26YaOMkCuanmZ1XUwBlPJUYUvO3fWPPmsMfN4zOGKOEf15lhJO9R%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c132ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 02:42:34 GMT

GET
H2 200 sidebar-menu.js Show response
creditosaibamais.com/wp-content/themes/tema2/assets/js/ 4 KB
2 KB 35ms
29ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/themes/tema2/assets/js/sidebar-menu.js?ver=0.1.3
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 939d7a7d1e3d9ba01e872498508970299f9fb72c6f997b5cb108cf143801fab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 201262
etag: W/"649716e5-10e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRgoHlkvm%2FZMHK7I%2BgCzOal5dPsDF4Bid%2B2L4DNy4twY0iDk%2BbFb2NjeGnOLBJpCo0Cs1ACzFrz6q0cPHWXxWp%2B5z8vBDPdf57PGao5x2YPYzjuXMVXNVNYgz9%2FzRNbhR6gXY39zi9y8gurjzDE2hfvFNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c152ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 02:42:34 GMT

GET
H2 200 inview.js Show response
creditosaibamais.com/wp-content/themes/tema2/assets/js/ 6 KB
2 KB 702ms
696ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/themes/tema2/assets/js/inview.js?ver=0.1.3
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9cf10205d9af79b873f6199a2a50c7ff8375b8d4613b8570d27f206163dacf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716e5-1609"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Om7PULSOEdWRrlypODjRbEs8Dt6WH%2FQhWdZUx5sBEQCT8NIffqmEWjYTfsDqxNx2SQU1SB4PH0ukzH1XFPJod0zPj9ZML8JvXFkrnzodSFrx5loAVBrEJVCedzkFq7%2BQTPFsHLQlw%2BN%2F6kiOUtVpaVXnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c172ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 themes.js Show response
creditosaibamais.com/wp-content/themes/tema2/assets/js/ 3 KB
1 KB 28ms
23ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/themes/tema2/assets/js/themes.js?ver=0.1.3
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67279c322cc6b5c37ab83ad7b7a201507f5be3df340fec03f97f80feb793a4c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 201262
etag: W/"649716e5-af8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YskTDgK5Ka%2B7S33YHWeQQAIagtOkl%2FKVSWfH4VV7IVIFeG5rOvuWcA3UiyQYWQOWtcqXOc8yNN3%2FMh3%2BJ95j7dgBwtPI8kaduUAjSjfIYi113ixW7MPxUAm7wzGPlr%2FEGCIII6RvU3UJuNTUv2kSFdGnmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c182ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 02:42:34 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 47ms
41ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc24dfed8f3f2749e5cbe4a86053b55e5c063c23ea09ddf40544a0bfe03ae0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716da-156d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQMzWy9pvFBx882JBL9FAKJFMLFxE1kAQKnMdMkTceqxjtbDWde2fiIl0HsAtwHlBsgIwW3AAML%2BZn500%2FSP1u47q14U3ApqS8JMNWjyB97BqBCG9BZdXVQiowQojQV5cA7gmh8H9hdzFjXeWDUq7sddrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c1b2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 webpack.runtime.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 29ms
24ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565d96a4b66a49049a7fca5dfc8d26ebe0336778006052124283abb0347be8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d4-135e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuQVSnsCrZ1qEaFjNUvTXHdDa5linT2UE8AimrypEVOucBwwjT%2BgVYZBuNJ4NVHonmvYgmoAROUROrNDBsobKaZl2br1iuShkAXurmOaPdHswMBAQpxH%2Fub1BtINdNn3FgUi5MzF3T2aawH4dQ3xVqPZUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c1d2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 frontend-modules.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/js/ 45 KB
14 KB 31ms
25ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c478a21227c8c63ed9b7ecb07c06e3a99cb6e4a253aeed7687fe43d5b0aa13d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d4-b263"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmVAXduw6DE4Zw1tGUQJNYj6dFrirF521yYcLOOLi%2Fni8wAckpxAr7cED%2FyFSTIGEcgu6KkKYz5wtpTM8lUUpe0QZM048qlW9LFCoWcuhu%2F5ITaiW9rcFOW7LXIvfwuLu8rPFnYCoo1uQqTy%2B%2F978kSPkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c1f2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
creditosaibamais.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 635ms
630ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63c7d511-1feb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ryn7jZk199HXOXBFF%2FvchF%2FGyliTcR5VjWHfGFrOLnNSwAQAhhxX%2F0ASY7FdEqoWzwdBWcTKcr1m0HqDIX2rlEVGp%2Fja65l418Qt%2BS4pXrey9H%2B1wrtKtJwpc03EFbR%2FzKs08J79Mt%2FI2auTpplkYxzyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c212ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 regenerator-runtime.min.js Show response
creditosaibamais.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 35ms
29ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"63e274b5-19cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyGbQMVTbLPdsFnwkOdHPtTqaUGqpXZfh5M1ppi697gfW8hGmBqdzDDtNZS5l30JGnxbOhbiDWdt4xWhw5KwhKr%2FWFg67b4VNgZQv2rw3i7mAJAcxBvNUL3qP1qNYz9ZPKO3vXG%2B2HJQXPL3uvWeSWBbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c222ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 wp-polyfill.min.js Show response
creditosaibamais.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 34ms
29ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"6329dfa1-459f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Il34v4nkcpVIL%2Figi9Kh93WvpqA8RArwZOY6j1yzBnFzAKIVOo30FIJp%2FBUV10FKdZQiR%2BKhlDDsupaH3sUf1sLBcecWASRfI726BvxLRM0TosiQ14mg%2Br29g%2BRxG38ULoOEmfyipCCQ9p7D7ObOWEMpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c242ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 hooks.min.js Show response
creditosaibamais.com/wp-includes/js/dist/ 5 KB
2 KB 40ms
35ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"6254194e-132e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7bZ20C8fiJAVeHcXxsc2sk1II5EY7YaZHpxCdBs7i3KipYrl4wlUi5U9mTGmXwcJpAISNW%2BpFvufQBsd6L4yB3JJh%2Fcus9MbG5y6nIG%2BpV91S0b6cbux2B5zcbp87L%2Ba0O59IvbM9KO537OzXdLDMjCRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c262ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 i18n.min.js Show response
creditosaibamais.com/wp-includes/js/dist/ 10 KB
4 KB 40ms
35ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"632e0f32-27f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0kM0h1Pcm6R%2F0qapXkWZbIG3hdrCN%2BwI9LGweheoHztC0bC6ffhT9nntvOVacKo0sgicJAyBom33MWYbPQP1%2Bhyh5x0uRMBZDiWnY8XD6P%2Ftd3y0BYe8agVFV9CXpLfz6nO%2B%2FvatGby5zCkV5qny9ydPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c282ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 frontend.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 805ms
800ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.13.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f36864e3fb5b3479d50de93d44403cee100c743cb5c97a1da0b924ca671a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716da-5f3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5OZ4VDZJ3lR6hZByvyZ058CsdyBPGksxftwYxml0ia%2FeUG6L%2Fwunr9uw1RATf4ccgKPwUi4BFOtQOTg1b%2BHL0x87LQU1yFDGolDZRRrPEhPzoZZvzQe%2FxevbeX0xb0U9bhb3F5rGf9fA%2FnUtB1KxyCv%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c2b2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 waypoints.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 698ms
694ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649716d3-2fa6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caXH79EAmSclbagBk6QvYKTOoO3V47Mdrb%2BQ6%2FPhsBMNIZDX2TSjzvzVSeWS04RLGFOV3MM7jqVUfwrCIm%2B2IDBhUNa1ZcJjn5R4V9fLyfIHzua%2BbEnCAyoPXvMZ3R5ns9hiTv3n3D%2BSY9AhVMQKJ2qNEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c2d2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jul 2024 10:36:57 GMT

GET
H2 200 core.min.js Show response
creditosaibamais.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 35ms
30ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"63dbe690-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSRtgt%2FCIf2vTZvERByuPrcV%2Bv0C4aZkvEZb77Y5db8v5CFqkt8aythQHccgM0bkzsT6U%2FPBZ1Bb0Az1QfaXYdHDAxQOZH%2FooZtE3SRAcn5pMYggf3Ryc0mJa%2BHxp2%2FJgbWks5uFbC4QCJtyxw2kPKxfMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c302ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 swiper.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
35 KB 44ms
40ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 191353
etag: W/"649716d3-21f91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TWE7kGZNjS6L8H%2F7U0WML8tRIXFhydOaRvjJRzaZylWu814HpF4JlULZKeOhRcGfokF0KmuaqynMtQ5r1Xn7VY5cvujfIgeAcwEQrLR8NKQD7WMFZctMvcvHw0T1cP%2BKGF%2Ba6wOyMzdDkI48ayaAzMAkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c312ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 05:27:43 GMT

GET
H2 200 share-link.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 43ms
39ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247456
etag: W/"649716d3-a3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0Vk1sYI04bVvyj6RrbixyeGW%2BC7HTYtlOAMBN4N8s4fmy%2BqC0VYO8axdAUa%2FS8huJpadr0pdu4zTyPhuDciHmz6lQ8fgTcoFe3dt4zJ4PuiYWgwWmo6bQVcfboU8MXb0As6uDlr1n3EYdGU3KnncccwDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c342ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 13:52:40 GMT

GET
H2 200 dialog.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 39ms
35ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247456
etag: W/"649716d3-29fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUCeeWScixHUz5PoNqXGaM6IuvpnGsCDdJ2EMtrQBhSVx%2B0W4ZzTfAERdm3i72xg4rbspPkPmUsvmpWgMeU5L2RgYUL4%2B6xYvzI0ARTlHonmIATFEPJEhGXYYHSlt3kmnBYK8xF9a32fNfmCDON6hvvuJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c362ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 13:52:40 GMT

GET
H2 200 frontend.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 34ms
30ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f5eb651e087476c3214a5fbb8b77346f7f0dff068c3d961c6070424746fb9db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247456
etag: W/"649716d4-9eb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK%2BP%2BHg4ajoobScaF%2B9nmuVfo7Km%2BzaCGJu%2FVwPFooK1vgqjmcOOqmaU2pZwKUEXvF9%2FFUJqTTUd0EB8LUSRIkGyOy2xxe%2FludHwS5jVYrF3nvSAIwLlHGJ4yoEAyfzbcW%2FJiwy%2FgUyOE%2BSK18IPFQFxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c382ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 13:52:40 GMT

GET
H2 200 preloaded-elements-handlers.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor-pro/assets/js/ 161 KB
38 KB 46ms
42ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.13.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c6306a06ed45ba39a8aea03d2cfb48cd34e56ba39ef02e5ac038cec237081e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247456
etag: W/"649716da-2832c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIw9smCqnbAGKK5NSn7%2FtIVZ1YZ99dQCnZKSA11Z9YH2YBxEEhY0ASiiJLwew9eKRGKVdiAPYvKKSfLlaSaO5nTRyYMTFl0%2FwAfXm7w53oRVeEDYDW7NLpU8b0R8r0WF2n9aJUD8Pdfzwa9bmBEtYujqbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c3a2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 13:52:40 GMT

GET
H2 200 preloaded-modules.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor/assets/js/ 41 KB
13 KB 40ms
36ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.13.4
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb37cf0f1083294c34e3abfff9d50228f7706755e756cfe29972d5acbf085bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247456
etag: W/"649716d4-a41b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoIqhWfUWYdqbX9uX1wy38zJV2KuCU3vEtMpm5Vt799KjxI1UQTqKHyRoUS9Czde2TucJ232G1t%2FoVsZYseVF%2BOnxKGZeM1yhf%2B%2BwPA%2BHipNE7vjhtrDo059JfWFeIl%2BVmiJSid9BWs1%2FSRV7FZTwl3HBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c3b2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 13:52:40 GMT

GET
H2 200 jquery.sticky.min.js Show response
creditosaibamais.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 38ms
34ms Script
application/javascript 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creditosaibamais.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.13.2
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 16:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247456
etag: W/"649716da-e89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jI7Dn4Ym01L9si6vryJXhisRdVSxy84RGvtj6WOMOZolSaaNDU8qVW97FdHXy9UTJkBJ%2BA%2BNXLlFJ6Di6ZqI8n9ZYjfqn9Ugwpft03zuKcKXZyrT7upGOF6JGELTOKuPPB8noy0bO4QiqHjPGW5U5e3lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b0662c3d2ba2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 13:52:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 65ms
59ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3J8W9ZHFES

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0716cb152b52548160be492580053b821b1d1a07b488cfcb667763642a892c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82085
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jul 2023 10:36:57 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 45ms
14ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7e37b06ccfae9b64-FRA
x-amz-cf-id: vCN0QAerVkLqK7LsO-33OAmuBobBdfpIHvTKpJ5_qqp0_-QNlAudRw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: 8tUyzc0ypJGtQpaLmDrL1IJrWIVbWlVZNbDOP09XdiUoJNY9K0I+ZASl69T6zez3g9mCrcRLqHCWMMNgEU3dzg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 49ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3#038;subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creditosaibamais.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 537448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 05:19:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 52ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creditosaibamais.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 574714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:58:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 76ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creditosaibamais.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 130850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 55ms
29ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creditosaibamais.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 17489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 05:45:28 GMT

GET
H3 200 Design-sem-nome-2023-02-01T173009.025-768x512.png
creditosaibamais.com/wp-content/uploads/2023/02/ 600 KB
601 KB 925ms
925ms Image
image/png 2606:4700:3032::ac43:d552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creditosaibamais.com/wp-content/uploads/2023/02/Design-sem-nome-2023-02-01T173009.025-768x512.png
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e084993b5a8ae1d192666212bd712b26a868e2c3801c0693d4538071b9cd8b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 16:16:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "649716c5-9608d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j00Ur7TP1iYJZL0nd0LomHJENF12zHG7%2B5FNKt6ZJr0yqsVTKqrpfFW50myj4ShaQACDY9YhHEqsY6OEkDP5fEwJUefJa%2F%2BBh7uGOFzsPuOhmR8ziGK6ky06SOMT4ChN61%2BxMWySvr1KsXmELBxA5ai4Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7e37b06ccfc43659-FRA
alt-svc: h3=":443"; ma=86400
content-length: 614541
expires: Tue, 02 Jul 2024 10:36:58 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 391 KB
125 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80796
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 06 Jul 2024 12:10:21 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307050101/ 354 KB
122 KB 106ms
77ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3685392670532966&plah=creditosaibamais.com&bust=31075873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3685392670532966

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2154bfe53419238a4ef30dba073050b0470213c39efc8b401e47b48a922efd1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124485
x-xss-protection: 0
server: cafe
etag: 3041827538122823943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/ Frame 0BC6 10 KB
5 KB 50ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3685392670532966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 13:49:14 GMT
etag: 12368291122986407432
expires: Fri, 21 Jul 2023 13:49:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/ 3 KB
2 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/?random=1688812617863&cv=11&fst=1688812617863&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e20290b3ecfb4d7a3aa73f0e694e2e33353ac8107db65aeeee33366c140f7e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10883628328/ 3 KB
2 KB 63ms
26ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10883628328/?random=1688812617880&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&gtm_ee=1&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3f1b1c4a26937289f49e2b3e7e2999156a900758dbe78f41d6c72f45d859ed2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3J8W9ZHFES&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b6563597d0488e5598a8c453d90ef95fec609b58042032afe13520103bc0397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jul 2023 10:36:57 GMT

GET
H2 200 1283798162486649 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 173ms
169ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1283798162486649?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f756280b2feedc9c65e4c40f98ca7f289be6b5efaf9d392584d977e08752269f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +nCJv8FuiBCtZWg/JAmlxlBwe+iluwwoU3p3q8vpuL660VNsglHjWRR6GGLVMJDeQJm/HNl4HjMxMTQrXdzJFQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 64ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=creditosaibamais.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 36ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 10:36:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40625
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230052-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 67ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 16:21:58 GMT
content-encoding: gzip
age: 1620900
x-guploader-uploadid: ADPycdu0ofEeAAYzdW5Z96wZyLXgm23ax7D6-P-kRrnYYyzN40_lI7nGf6iRwNhdTCtUf4jMUk4Ic8OfTq9SQAz3Ia2XKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 18 Jun 2024 16:21:58 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 48ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 9W81Q02XE6CPVE5S
age: 999
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e37b06e6c922c55-FRA
x-amz-id-2: PfYjtCQGKcL7FBf6V0ICeqTN3sFWhaSU8fTjEESkbw8Wp0Gg8VSzDV6d5LqCJXS0pYhFtpiP92E=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 71ms
22ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jul 2023 10:36:58 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 55ms
10ms Script
text/javascript 2600:9000:2250:e00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 08 Jul 2023 07:03:45 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 12794
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: mMnFWzcK2I5I0wAlzEpjjaVe_0BPFPb-zfbSodkQ02IOEcOP_PJJyg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 166 KB
48 KB 714ms
713ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755011246747470&correlator=2708814192066271&eid=31074650&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=22893970961%3A22894546274%2Ccreditosaibamais.com%2CCreditosaibamais_Interstitial_20230707&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1786435543&sfv=1-0-40&ists=1&fas=8&cust_params=id_post_wp%3D7002%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&sc=1&cookie_enabled=1&abxe=1&dt=1688812617962&lmt=1688735075&dlt=1688812616642&idt=1275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

522c43bbc287d20af13db368987d801fea4e19573f2e9fd78edd993931ea2dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49120
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
13 KB 1235ms
1233ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755011246747470&correlator=2708814192066271&eid=31074650&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=22893970961%3A22894546274%2Ccreditosaibamais.com%2CCreditosaibamais_Anchor_20230707&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=3064633072&sfv=1-0-40&ists=1&fas=2&cust_params=id_post_wp%3D7002%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&sc=1&cookie_enabled=1&abxe=1&dt=1688812617969&lmt=1688735075&dlt=1688812616642&idt=1275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b21977d78f485efce7f453413e6e8f1d6a1360f766cfdaf58d332cff255363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13578
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://creditosaibamais.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
519 B 892ms
891ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755011246747470&correlator=2708814192066271&eid=31074650&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=22526454507%2Ccreditosaibamais.com%2CCreditosaibamais_Rewards_20230706&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=637568879&sfv=1-0-40&ists=1&fas=11&rbvs=1&cust_params=id_post_wp%3D7002%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&sc=1&cookie_enabled=1&abxe=1&dt=1688812617972&lmt=1688735075&dlt=1688812616642&idt=1275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRjkgc6okzFIAFICCGQSGQoKcHViY2lkLm9yZxjjgc6okzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y5IHOqJMxSABSAghkEhQKBW9wZW54GOSBzqiTMUgAUgIIZBIZCgp1aWRhcGkuY29tGOSBzqiTMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf04e01d59215c6d69975c3d43a39f64c838fb9e4ca29ad80b5fd647da48970e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 487
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 779ms
778ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755011246747470&correlator=2708814192066271&eid=31074650&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=22526454507%2Ccreditosaibamais.com%2CCreditosaibamais_Content1_20230624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=5&adks=3380625579&sfv=1-0-40&cust_params=id_post_wp%3D7002%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&sc=1&cookie_enabled=1&abxe=1&dt=1688812617975&lmt=1688735075&dlt=1688812616642&idt=1275&adxs=675&adys=113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=20&vis=1&psz=1120x0&msz=1120x0&fws=0&ohw=0&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRjkgc6okzFIAFICCGQSGQoKcHViY2lkLm9yZxjjgc6okzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y5IHOqJMxSABSAghkEhQKBW9wZW54GOSBzqiTMUgAUgIIZBIZCgp1aWRhcGkuY29tGOSBzqiTMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0210f03466483eef832f6ff05d426e43285384acd7e2ae417f53000483f02e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11628
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 817ms
816ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755011246747470&correlator=2708814192066271&eid=31074650&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=22893970961%3A22894546274%2Ccreditosaibamais.com%2CCreditosaibamais_Fixed_Mobile_20230707&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100&ifi=6&adks=2584617679&sfv=1-0-40&cust_params=id_post_wp%3D7002%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&sc=1&cookie_enabled=1&abxe=1&dt=1688812617981&lmt=1688735075&dlt=1688812616642&idt=1275&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

816780f95a5d7b269715932751e66a55ae636369cf239dc448f6a4756df06c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7999 6 KB
3 KB 94ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
expires: Sun, 07 Jul 2024 10:36:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 37 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77977
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13139
x-xss-protection: 0
server: cafe
etag: 4037606220920726119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 06 Jul 2024 12:57:20 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
491 B 218ms
171ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=800525001&u=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.18

Resource Hash

9ffbb95ffe440cba7a6b1aa64cca77df7cb0d28ad5fcbff506ca92bb72ab1076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.18
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 64
cf-ray: 7e37b06ebf183814-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
47 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-201994943-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3J8W9ZHFES

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7907969db6f10b2ab2b6332acab2a947664619ae9cdcd526ffd817c329eced68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48262
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Jul 2023 10:36:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 54ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3J8W9ZHFES&gtm=45je3750&_p=1455176921&cid=311711695.1688812618&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688812618&sct=1&seg=0&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&dt=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3J8W9ZHFES
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10883628328/ 42 B
455 B 68ms
26ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10883628328/?random=1688812617863&cv=11&fst=1688810400000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2016818231&rmt_tld=0&ipr=y

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10883628328/ 42 B
455 B 69ms
28ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10883628328/?random=1688812617863&cv=11&fst=1688810400000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2016818231&rmt_tld=1&ipr=y

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/10883628328/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcr...
https://www.google.com/pagead/1p-conversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2F...
https://www.google.de/pagead/1p-conversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe...

42 B
108 B

29ms
28ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&gtm_ee=1&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpLa3BRWVFsZjc1aUpDZnY3T3FBUklsQUZxQVhsa1R2MFdsTDYyTDlWMmM0ZUlRSk5zMGJYN2ZqUXQ0dm9MbnljOFpJd2xmMncaV0NoQUk4SktrcFFZUV9jcmd2dDNpdjZCWEVpMEFxZHZDN2NOWEhwcng5aV9TemJSMXVDazBuS3dNLW80empsYjhaRUVrQVF1ay1ETzR6VF9LOGNOWkVwZyITCKK4vKH1_v8CFdnQuwgdp3MALQ&is_vtc=1&ocp_id=STypZOLvONmh7_UPp-eB6AI&cid=CAQSKQBygQiDF5UF2AhWorco2cuU7f0gGOM1_ifEyKILNbtWQAJH3wSqThgn&random=925791646&ipr=y

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10883628328/?random=1153229807&cv=11&fst=1688812617880&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&gtm_ee=1&auid=546788245.1688812618&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpLa3BRWVFsZjc1aUpDZnY3T3FBUklsQUZxQVhsa1R2MFdsTDYyTDlWMmM0ZUlRSk5zMGJYN2ZqUXQ0dm9MbnljOFpJd2xmMncaV0NoQUk4SktrcFFZUV9jcmd2dDNpdjZCWEVpMEFxZHZDN2NOWEhwcng5aV9TemJSMXVDazBuS3dNLW80empsYjhaRUVrQVF1ay1ETzR6VF9LOGNOWkVwZyITCKK4vKH1_v8CFdnQuwgdp3MALQ&is_vtc=1&ocp_id=STypZOLvONmh7_UPp-eB6AI&cid=CAQSKQBygQiDF5UF2AhWorco2cuU7f0gGOM1_ifEyKILNbtWQAJH3wSqThgn&random=925791646&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
610 B 100ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=creditosaibamais.com&callback=_gfp_s_&client=ca-pub-3685392670532966

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3685392670532966&plah=creditosaibamais.com&bust=31075873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a999236984a85c2102bf13a15fee046cdde60128fefbd6ad4773c80c93167420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6510 0
20 B 227ms
226ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3685392670532966&output=html&adk=1812271804&adf=3025194257&lmt=1688735075&plat=1%3A64%2C2%3A64%2C8%3A64%2C9%3A32776%2C11%3A64%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688812617830&bpp=4&bdt=1188&idt=254&shv=r20230705&mjsv=m202307050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7312488710459&frm=20&pv=2&ga_vid=311711695.1688812618&ga_sid=1688812618&ga_hid=1455176921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075823%2C31075873%2C44772268%2C44788441&oid=2&pvsid=2755011246747470&tmod=1626526380&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
expires: Sat, 08 Jul 2023 10:36:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
329 B 54ms
15ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://creditosaibamais.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://creditosaibamais.com
date: Sat, 08 Jul 2023 10:36:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rid=esp&cc=1

85 B
203 B

114ms
114ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rid=esp&cc=1
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e306bc9c7c10b7268044485b23831b9c5d254e4be577394c9917e8cb575896d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-7Ygp2Yd/kFTUjZ0n8LxP3H8zoQU"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://creditosaibamais.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 08 Jul 2023 10:36:58 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://creditosaibamais.com
location: /esp?url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8DD6 15 KB
6 KB 43ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=creditosaibamais.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 322998
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201994943-4&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 10:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 99
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 08 Jul 2023 12:35:19 GMT

GET
H3 200 1537353300119728 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 143ms
142ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1537353300119728?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9d96de6ba659a2d25e1f09582373ba81250a2fbe672ec5e583568a031a08e98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ndm1sZ8NC8ETKopgI/YoF7HovkM70YyITbIiTP8U5HI6IUy5AdTtjwvPJOOCUq0kj3N/qPqYK9G1ISTYJYVX3A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 27ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1283798162486649&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812618163&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:36:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8DD6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=creditosaibamais.com&sn=ChromeSyncframe&so=0&topUrl=creditosaibamais.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=yO-J-3xjcVlUSFVnNWx2eUExL1hjVjM1R0dGLzJXOTZyUWtsM2VpOHU0UUtIaE45eTAxVS95N3RwUFA5QmlvRkFsQ1dMK2pscFg3Z1htUjMwbXZqYlowbTBWQld4VFZ4cXFibWR4bmV0bytOMWM3dlpEZG5jTFpRbEVaU1...

449 B
666 B

98ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yO-J-3xjcVlUSFVnNWx2eUExL1hjVjM1R0dGLzJXOTZyUWtsM2VpOHU0UUtIaE45eTAxVS95N3RwUFA5QmlvRkFsQ1dMK2pscFg3Z1htUjMwbXZqYlowbTBWQld4VFZ4cXFibWR4bmV0bytOMWM3dlpEZG5jTFpRbEVaU1VZdmZtTjBRbWRJU1d1U3M4ZnlXWmhRNVloSi9oOSs4MFJkb05xclNPZXBpVjJlR0gxaDhBQ3pwZTNOODd0ZWttNUFnTDNkVmtiTUNEM2VTT0p6dXltVDE5dWhmVjN6ZnFsSE8vTFJIUW1wSi82eURIcTZZbVA2Y0NzcHRPNFU2N0hDOXRpZWFZVU0weGUrU0tFY3pNTkZ3UEdJOTlwandLRXZzQ3RZNmllekdxakwvTC9sST18&cppv=2

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dbcfe1a30f2e7674e4be6375ba53ca870f68ddddcb19eeec1332b4ab813cb9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1246705
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=yO-J-3xjcVlUSFVnNWx2eUExL1hjVjM1R0dGLzJXOTZyUWtsM2VpOHU0UUtIaE45eTAxVS95N3RwUFA5QmlvRkFsQ1dMK2pscFg3Z1htUjMwbXZqYlowbTBWQld4VFZ4cXFibWR4bmV0bytOMWM3dlpEZG5jTFpRbEVaU1VZdmZtTjBRbWRJU1d1U3M4ZnlXWmhRNVloSi9oOSs4MFJkb05xclNPZXBpVjJlR0gxaDhBQ3pwZTNOODd0ZWttNUFnTDNkVmtiTUNEM2VTT0p6dXltVDE5dWhmVjN6ZnFsSE8vTFJIUW1wSi82eURIcTZZbVA2Y0NzcHRPNFU2N0hDOXRpZWFZVU0weGUrU0tFY3pNTkZ3UEdJOTlwandLRXZzQ3RZNmllekdxakwvTC9sST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 255088
content-length: 0
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 21ms
20ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1455176921&t=pageview&_s=1&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&ul=en-us&de=UTF-8&dt=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1398839241&gjid=2025193120&cid=311711695.1688812618&tid=UA-201994943-4&_gid=2141954788.1688812618&_r=1&gtm=457e3750&jsscut=1&z=784757183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://creditosaibamais.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 149ms
122ms Script
text/javascript 2606:4700:4400::6812:2a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=800525001&prismid=8b603802-e467-471c-b38a-0f8252f1fd8c&url=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.19
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.19
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 21
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 7e37b07008a91bc3-FRA
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-201994943-4&cid=311711695.1688812618&jid=1398839241&gjid=2025193120&_gid=2141954788.1688812618&_u=YADAAUAAAAAAACAAI~&z=694209469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://creditosaibamais.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Jul 2023 10:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 1EAE 0
176 B 79ms
26ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 08 Jul 2023 10:36:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 1897808950573752 Show response
connect.facebook.net/signals/config/ 381 KB
109 KB 156ms
156ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1897808950573752?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

022c3888c39a6cef1ce046f314786b799f35f8104f7d277f8e5f5752f1cad3e9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: /Zo6C9R0uMw3EawJdVKTNoD9vMhWnuUmNdyHtt5ONQyNfDQIa7ocT2cF/SWTnpr/ne0/ietwqfilQfy8vXkjtw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 container.html Show response
6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5061 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
expires: Sun, 07 Jul 2024 10:36:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5061 4 KB
767 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 10:07:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 10:36:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7904 6 KB
779 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 08:46:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 10:36:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7904 2 KB
973 B 66ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 7904 23 KB
9 KB 65ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:18:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7904 3 KB
1 KB 76ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 09:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 09:57:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3087 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sat, 08 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7904 20 KB
9 KB 63ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7904 0
0 25ms
24ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrCFJLUJzcq8pRqSPvhpdRBqZqAzM66o6Whn4mBfK6XitvKuG3HrXNpQfprtB09Vy2Jb5vsxuj940AUPOxS2lPAum-pA
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7904 179 KB
57 KB 89ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:58 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 7904 33 KB
14 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:59:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 5061 20 KB
9 KB 71ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:31:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5061 205 B
650 B 70ms
26ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 09:04:22 GMT
x-content-type-options: nosniff
age: 91956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jul 2024 09:04:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5061 604 B
695 B 70ms
27ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:15:34 GMT
x-content-type-options: nosniff
age: 73284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jul 2024 14:15:34 GMT

GET
H3 200 container.html Show response
6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB7E 6 KB
3 KB 16ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
expires: Sun, 07 Jul 2024 10:36:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1B7 6 KB
3 KB 35ms
31ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
expires: Sun, 07 Jul 2024 10:36:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3087
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKJmWYejcfQSlMn6t4oBDug&google_cver=1&google_push=AaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJmWYejcfQSlMn6t4oBDug&google_cver=1&google_push=AaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPp...

43 B
430 B

184ms
174ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJmWYejcfQSlMn6t4oBDug&google_cver=1&google_push=AaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e37b075aabc085b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 17
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJmWYejcfQSlMn6t4oBDug&google_cver=1&google_push=AaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1bQMIRkT2Jgai0l5-HIoe27ZmgIFemJkdyJ10Kq56gZDNHMRd4h4en-sfOssWP3se3KeCYrhdSlYNgj1DqnvKG4YNUPpU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e37b0740870085b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3087
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENJ9USIytaR-kw81DCCyYtA&google_cver=1&google_push=AaAOQGFgeRwU4nHDZIvEbnfUUzepdeAyqJ-rvgdtApWi9f48Bud6RJBZTgduNErk2P-GKlDMIDBU_aKGfTrYVb909dcRqQzR1fmj
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFgeRwU4nHDZIvEbnfUUzepdeAyqJ-rvgdtApWi9f48Bud6RJBZTgduNErk2P-GKlDMIDBU_aKGfTrYVb9...

170 B
232 B

25ms
24ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFgeRwU4nHDZIvEbnfUUzepdeAyqJ-rvgdtApWi9f48Bud6RJBZTgduNErk2P-GKlDMIDBU_aKGfTrYVb909dcRqQzR1fmj

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 08 Jul 2023 10:36:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFgeRwU4nHDZIvEbnfUUzepdeAyqJ-rvgdtApWi9f48Bud6RJBZTgduNErk2P-GKlDMIDBU_aKGfTrYVb909dcRqQzR1fmj
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 07 Jul 2023 10:36:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3087
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENO9_A6c-4vW3q3cjhcp7hI&google_cver=1&google_push=AaAOQGG3j98T6vXJUfNP9ckXqCuux6rWTUVTpNdiAMkRd2SUYO-ivLJ4OYebMBSZoFF_mbkbI8Bqs7zQGNRCD2apb7ZWV3J...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG3j98T6vXJUfNP9ckXqCuux6rWTUVTpNdiAMkRd2SUYO-ivLJ4OYebMBSZoFF_mbkbI8Bqs7zQGNRCD2apb7ZWV3JRDE0&google_hm=eS1ZUmxXM0wxRTJwR2VhVmt...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG3j98T6vXJUfNP9ckXqCuux6rWTUVTpNdiAMkRd2SUYO-ivLJ4OYebMBSZoFF_mbkbI8Bqs7zQGNRCD2apb7ZWV3JRDE0&google_hm=eS1ZUmxXM0wxRTJwR2VhVmtXdFZxRTJrQUNEZVBFSzdJRH5B

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 08 Jul 2023 10:36:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG3j98T6vXJUfNP9ckXqCuux6rWTUVTpNdiAMkRd2SUYO-ivLJ4OYebMBSZoFF_mbkbI8Bqs7zQGNRCD2apb7ZWV3JRDE0&google_hm=eS1ZUmxXM0wxRTJwR2VhVmtXdFZxRTJrQUNEZVBFSzdJRH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3087
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAP-eB8oyLe8yrMVh4uAZ-I&google_cver=1&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-SEQ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAP-eB8oyLe8yrMVh4uAZ-I&google_cver=1&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3K...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNDYyNDg0Mjg2NTU1MjE2Ng&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-S...

170 B
188 B

31ms
28ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNDYyNDg0Mjg2NTU1MjE2Ng&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-SEQSbUrph-cizQteUTIoXw

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNDYyNDg0Mjg2NTU1MjE2Ng&google_push=AaAOQGG0_LOC4rwRodUuf6EqtCZ1g9_oYg53nzWEqbMU4ViJF3FOpddAIAInPu3Roj-f3Z-OA3KH-SEQSbUrph-cizQteUTIoXw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3087
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKpeMhFU6QLnYQbN-OfRwt4&google_cver=1&google_push=AaAOQGEu6cck7gRxUAm5hF0yF1F-45Tk5oNVS017LY5bp9GFtg9h_ss_omamO7bBHSB9OjLqsDNdY__-BITz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEu6cck7gRxUAm5hF0yF1F-45Tk5oNVS017LY5bp9GFtg9h_ss_omamO7bBHSB9OjLqsDNdY__-BITzPh_yCdOP2ShGd98

170 B
329 B

24ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEu6cck7gRxUAm5hF0yF1F-45Tk5oNVS017LY5bp9GFtg9h_ss_omamO7bBHSB9OjLqsDNdY__-BITzPh_yCdOP2ShGd98

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEu6cck7gRxUAm5hF0yF1F-45Tk5oNVS017LY5bp9GFtg9h_ss_omamO7bBHSB9OjLqsDNdY__-BITzPh_yCdOP2ShGd98
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 3087 0
125 B 73ms
11ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJPR2nj83wuEeuDJxsgtMkA&google_cver=1&google_push=AaAOQGGk9qT3gP7u1xpSr1NAVtn1672DU32EZTHE-H12N_ZfXqsRDVrXeVrkWsrCX28gN1q89YmScPyV3YhvXBl5zBdMnS-9-ZEDgw

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 3087
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKpeMhFU6QLnYQbN-OfRwt4&google_cver=1&google_push=AaAOQGHUfbYrv_tPiy9_UVCyCCp5zghVPXsSrd6-0vZLNld_DRMxsMFC_LgsqPs86ZrWGZ0JQAnskDK78yM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHUfbYrv_tPiy9_UVCyCCp5zghVPXsSrd6-0vZLNld_DRMxsMFC_LgsqPs86ZrWGZ0JQAnskDK78yMa0_xHXR7pVeA2N0czfw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

18ms
18ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3087 0
130 B 79ms
19ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KALmxW1DIJGHJvhoRx5y68G2iw8e82ahrfVDpKtk7OmEFSBvbtDVFxG4M4FYEkVggrIHxBYq4

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6FFE 624 B
242 B 62ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNXjikwgjYB1ABiiThFViP6f9oUsGcxu6T-aWGbphrvjfhEJjNJhMwLN4aWsyUH24gi6-wrAjj3-QcnNZaR5tePz-KuBqBq7OxUQ9LOMF-3vCOFiGyvZa97ROI-w9zjQqihnU5p46f0rbp1bgkbOmPymM9RF-k_l9aLiqFr203Xe2S7_Yq4

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EB7E 78 KB
27 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB7E 42 B
63 B 56ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7RuvHRAVk5sGRVyHC6kx3Uuo5VAbffm5VTmxalA9hYMnrlJZDrEXzAmH0V-4fWuFg6Oa9UrvNtrRC7n1cQRKVESiVxD1gYSALe1mpFcigEfJJGdw

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB7E 0
20 B 56ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1908657309137392439&x=1&ct=76

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame EB7E 3 KB
1 KB 26ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 09:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 09:57:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame EB7E 20 KB
8 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EB7E 0
0 32ms
23ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtwbOhC6qoTv9Crktw0ldYhzrNvc40OGT8VkFRNO_PCjShOV7mFepBPeQHdO4JDo2Mu-N6MHysTPutLsu8T320wDDsMQ
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB7E 179 KB
56 KB 37ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:58 GMT

GET
H3 200 1417078182161683 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 146ms
141ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1417078182161683?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6ea3b67b8bc4dd15db55c0ec71ea8a32ceafbdd9f48386b056c2463f9d657bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ibBIFb2ZRrBwS9QzT9mox80FhcES/YJi15f0qgKZnKE7ghUvpHjIrAI/Nt+stIlwfIS1/+VLAdsl4cIUvGuyOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7BDA 2 KB
3 KB 58ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e977f280003be0fc14811cb5239a7f2abb315843431cfe0716a7c1ceb1037f1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e37b0743e8e37f7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame A1B7 3 KB
1 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 09:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 09:57:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 40D2 1 KB
643 B 19ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sat, 08 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame A1B7 20 KB
8 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A1B7 0
0 23ms
22ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzepug4LDj4uyqsXT3elJ9npoa7RriV_A7Xw4JLhJMhoJfqc8_CvdIenixiyBns3bd63FPX6J4lU5f0epeRc2AabZ0cg
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A1B7 24 KB
7 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1B7 179 KB
56 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6FFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1

43 B
766 B

14ms
14ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNXjikwgjYB1ABiiThFViP6f9oUsGcxu6T-aWGbphrvjfhEJjNJhMwLN4aWsyUH24gi6-wrAjj3-QcnNZaR5tePz-KuBqBq7OxUQ9LOMF-3vCOFiGyvZa97ROI-w9zjQqihnU5p46f0rbp1bgkbOmPymM9RF-k_l9aLiqFr203Xe2S7_Yq4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 10:36:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6FFE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKk8SsACxoED4bg.EufmyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNXjikwgjYB1ABiiThFViP6f9oUsGcxu6T-aWGbphrvjfhEJjNJhMwLN4aWsyUH24gi6-wrAjj3-QcnNZaR5tePz-KuBqBq7OxUQ9LOMF-3vCOFiGyvZa97ROI-w9zjQqihnU5p46f0rbp1bgkbOmPymM9RF-k_l9aLiqFr203Xe2S7_Yq4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 10:36:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJN77SOIThBKSdFA02Hldsg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6FFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJtEuEvyQ5v20LpBEILmeEc&google_cver=1

43 B
842 B

13ms
11ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJtEuEvyQ5v20LpBEILmeEc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNXjikwgjYB1ABiiThFViP6f9oUsGcxu6T-aWGbphrvjfhEJjNJhMwLN4aWsyUH24gi6-wrAjj3-QcnNZaR5tePz-KuBqBq7OxUQ9LOMF-3vCOFiGyvZa97ROI-w9zjQqihnU5p46f0rbp1bgkbOmPymM9RF-k_l9aLiqFr203Xe2S7_Yq4

Protocol

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
an-x-request-uuid: d13d9e06-f0fc-471c-9362-7dab9beef6de
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.138; 178.162.209.138; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJtEuEvyQ5v20LpBEILmeEc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FFE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
an-x-request-uuid: 01b03e3a-64ba-4923-ac0d-37855dde98d8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D
x-proxy-origin: 178.162.209.138; 178.162.209.138; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 7BDA 114 KB
14 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 861832
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWUjOEX%2BG9KLrxVBcEgE0rzzGqMm3diVuUhBryJ2GQkVpzLPBe%2BWdbFBAr3bCNaqPmZHiL3RDQiqHOHuVgKXG9AX7nt0DWxjtmkE0%2BR8EKiK73JeQgr8cay7MAEleu70A6%2BkA8TUx%2F4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e37b0748eef37f7-FRA
expires: Sat, 08 Jul 2023 11:36:58 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7BDA 25 KB
10 KB 26ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 397104
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9RuyeKEjsgRrn2K9PoZebriGxyR20I7o1hlDY%2F7VwcqgEdqdIe8bGhsHZ1o9t0%2BQ71nzx3Q%2BZq0Py6WjZex%2FwMvGO81G3B1w6Abb%2FBtky8AaIYmfCDsIxA6nqRUf7sIbHCslKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e37b0749efa37f7-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 13:46:21 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB7E 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4012292601039&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB7E 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4012292601039&version=m202301230201&ct=76&x=1&cor=1908657309137392400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EB7E 109 KB
40 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUCff_9Vdwat0o8YJqfXd2ICaJYK89HPu9XAt9Gpd_RLFtDwYDiFa2OfVvWVRYf6L1JPpsdhMzGoujHMbwMACsluWb0h3l7BKJbbW6JvQVNYBtlt5tuMKsaOjQ3h7_9JCFHoP2ldIYhwaewVkdgpIJeoCioZi-1NKteASzbalsFS2Ui0k&dbm_d=AKAmf-Dc3XWP0ormp-abVbM-hQS4LE_kU3mkgTv3EgfH8tLBDS3p3LCIlRnebFCzWiSIb5sCxg_23uB3FuXgh0xw6w9RrVgCngQASnFz2kMIgXjl64RgL4c3v2xlAuHkqGVK-AEKnqhlX8EUacm0o3IJ44A3CQhl7280J-oUDUFHKT5ApcHBB3bKyTQDtsQmWWXz_RmEZN_vxbAIj0q3Ss1Wt1v7Jd-in9teodGsigPGLjZIYD7jVxEi-cnmkGwKABfqzfANNELhwfYIb03MF-63lll0_QTtfdiC9jdwhzkiSBcIbcudMordxoW8UJq0UrhIE9h0zEyzZjl4JmWj-cZxQyRrDzfbTAT5qqYU2dO_lYCzQ64cCVtnqdbNBXmQsz3DZ7U2CsXYk-_8xnecRAnn4mw9Jb-rIzm4sA1lX5Xh5Y3QP6vhhC5w_uAn75E7eQYdLUHiaC3_BsiPoGy8Xg-GqAnBjHmkh4M-4TL1eywsJJISqlRbq5LrtoJg96qqY4UxAvO8qb_w-gk2xIlHKRXYOFCVqaU7hGmexeRtzxkTSMeiXaS5l_Te50JvydljSHdU4FUAiG-LaQ4bkD9iTjGoMsW4ztCGp4GdaCATmkpJBpdRDsnos_zmXCFccI2wBqTecV9KooMYLVky4qPyscN5lcYe14KzqKSJKiH7i2HSOJrxi5ksgfqnb1k3ByCjKvcNXkXcK8OIPkLqThnMiVHMc1JFIbsOXlBoLpFnk9uII5-UAJH1Y7UIZZa-c-VBghMx-ksK_ZgqoaqsiQz08p5CW9WNprk-ANYo5OGTnQbjCjkAJsEroCIiHgNfCtLJRuudQVzBOBtcCseb7Ew8fIUTHajQd02Nh59WjAZ4LfN5HbFyt50h_w9ppER7X5hvdos1XtXcyPjQ_AU2CB6cbuaRoh_INArMW9Z-v3YjVEnH9JgiAu-pS2XW6kud9w-tif1mwxU0aSyIL5Opg1p96eNA5adZzUG1c7dQHbW6dyQUGecC7hDe6vEhJAU2tIvYtx28YrxoFsEKR5ol1XozyLwtSCiBYCmE93BSxVYIGTxbyEBfUsuMx8b01PvpTDvWMQ-dZHX3Zg50r1IMUid-jNwnqj9paFZy4QDRShVIYEZrXfXhcMmmhRH2B2xsoJ765saM0HPBtAsguYCsXWSIvn6Vq2gUI4dH5qfPN9JywrnZrRFi7OZwcMLIHaC1jsXPFTbnYCVDW5Aiq-4azXmEGqxXz2IiqBgUPPv-Iehe6cLEnymg-b3mqt7s_M972SM1rbFKQAaz5JAbyYlf5NPSt4aVAny18RZ4mQL-PuEgz0JrfPANY1ct2fQ_pKg8_kYWLQpDwCjfe1W58p1tHxZD52X4xtTSLdJxRAYZ1XXJSKJVeEAmMg1EoM84pBgVv5SkwyL-PcWM-UGiB7ZfZDMm6T6FORLFDWltpjFkkNsFk_-i7J8tOStI63_Y21WPafVnpBV-YH6i9vxvLpgwx1brYZLDn_BagGlrQTKPHcEGA_4Bzo-9iXR0O8FSvlH4ZB6ESGCG-GiVyWoWxLEigX5AcD24KZTln-nIULNqe4Tnd3jNiXV_e5MX--e-BRk_sQZRpu-J-OhOxfp_Edz9CZoMJ4dUV6MAiDGm0kYSMi2k_dNevmIqRCWju8ygbscBIAh7rebhyRNNHY8X_uFP_wDCBBaL69VVVywqMDqeAL9_DMVnrsPmTZ6Fj0r89JQ5MOstqccfCT36_cGyskzoldTN8Wwyl8oJQvRbGHF-7ZS57vYSGzTHyVJ9N-2GQGKoSWCC_JWXCkRdqD1c1ENKiRSot3_0VfZxHpUqZO3i-hmKGSfyw1kztePOSb1OXIKeLQvYowwQbYtsIHXMmzPzon4e2XPTWeR0-jh6mA77V1KwPXJ5l1qGbkbg24bUQECe-buqsLqjmEDhsjQq8WFxE49S9uSP13YBaRwHPZr6jJtD12MoV_UDQScEqBxICGfuMD-kHluKYGyEqpw_CzP6lIrL40cX8OhANQMG1mLrq4JZK_Y-gWQtfmXTit86wr8G1zItevt8ffjppf-k0jP3WmU2RetL-7YHtvsi8qqMmsHSa03_3y7vxN3UmGtb5VbNaEq0zXJ2lR5eKyn4jCWQPM9blZcc2e5IsoW6HhBgayAf-bSJ9TrDPdBBwJK7rH79p1l-5LoMhVYqJurb8azu4qb6gtfR1LpYBaMG56lAiAF-1ebJYJ84DDLtVXEJwHaoC8QwUU_yq4N23NDX985scs9H0HMTdYLMYFU2I-ClwmHazdZfgvcqbEwEWHfE0frTPclJCgjVThHzkFQ-qqVLyfn0V_-at-5lO6LxI5Wk6h6K0YHFcnSNgTJggP29CAiFH_7J5oDjyjrInleZWDcfuSJinin9UqAX-HJoRmYpC7LCyNZrVH9kiiyKjA_tsKDCr5SpssTB24qKXWb0HpwO7HVscAVJ5Da3F60X7h3MiHBLkdeoGPSu_ZFP-7PNVfojm6rSm0yTx2Ms2fKydzWf0_dCpLDmLPAl_HMVcc57COodcb3JtjDMNd1CIBid0V63XH2wZA_Pu-3fP2Dd1ZdlUwsE-uysnw83alp8a6xBmy_vk4wtdqoeAvS87AzaUkqbH3sOeClgyZj3zkzaFzv0eofR_cPE_UcCvgRdbqpKWt7Y80pveIgZEqQRxbYxzFzPlqSMUNjBehXpNEVLqaSZvzhqwVk_TgfkNH9O9yJMJOXB-7FSoN28JeBp3LwHYSxHLwROKuGLmwFFwfRqsBVqBP93coOJBg1-sa0KmbnWCI6MvjpEB_O_31neDCZLFu7JBzJVUgdP6IJr57f7W20VdRtFfB9OS6rw-EoWgVfSAwL_LnKplPylkL8M45MfBRaxaEGl9TN76UDScYlKBtOVj7WSxbK_mACfGZvc68xRhacoPD5cyi9wzWmEBpaGQyAZ6iMPX6Bfv4mqeO02q5LRqFIDXbPdY2efrR7az4SQZuUg3Y9_rikN8BiOeWsgm6EE3TkopZhG2_QQ--ic_luL_qq_7oJ84f_KY0a-B6CV_M6WxxkeWHRB7Zgd4KUmtfjKFx3O0TuWF5CDy9dzTxRK_RJxa9KWqXmAAFohEwYXhdQBQiAGi3y6aDQNuRtKVRhDyO4JBSsjDCpGVYQ9dj966TyTSQuGH6OFBzENEepoKCJYQ8S5dDn7aKs4UYoeGw_9AmVDJZvGAO0jdAqVenvrGvHw1mrA_ypdATf7mx5-cOpDURtsaxVxtnso2svLpcRduLAN6MBu6Q33b89ap4D1NB-i1OOJ5Wccd_1GTHDLUWqVvfhXHVewvwEhCfjqIK0LVw31zzsA4_GgiZ3WFvSKa0jNHmS9Y-FK0bfkvzNzjYvwEnXRBkVAoJAVPZdsbgfXVDSWVonqjwqK76R55628xZ9JCeSLQxokLZ5f6Nyr6qJy6qyqfaUE1k7U8Hisrt14BDpX4OBQyZogz-i1OMgUq9uiOreKlD-m6XeF9AYPB5HJBFeNHRO-3Cu6M7qqp4y-2kyrnFb1wjtqUgFl6vNHdcIBeS0yU_c-Gv_PYUskme0yY4ELd5mTVXK2mKQfejMXTBf09cdpOH2HUvOOr-Dljkj9C3fRj8x6pKfIDzoC4Ei-rFXyKnkkdj91-WLHhr5KCwKm-i3U8d3e4qRVKUCb6fZB7KdtGCF4DbqLfGbB6wSu8PwzgDwR8Dmui8mfk909WJKuRhDZ9QIfydUGXfyJzDX_cLRbm5goW3ZfVQ&cid=CAQSPABpAlJWP8Da-T8Xcoo5-2AuzAzyWrrnm9xgewH5PgY386rQTOuQbCMfTcIfyqRPCLYfGyyybgyoLkewMhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fcreditosaibamais.com%2F&ds=l&xdt=1&iif=1&cor=1908657309137392400&adk=3047537735&idt=65&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

314c8488d5c017bbc1ee3c27664e4df9da52854a12b815d8b775bbde6f33bd09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40996
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame E65C 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 10:33:05 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 40D2 35 B
464 B 55ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDcvtnccBlyNSKkxZHy75w8&google_cver=1&google_push=AaAOQGG07dbMCOoYaG10rf-QRqmKasSJHzBD_UgxopWquH__HRpcDQ4ETMCLZoHwtlJE1it7lKdhLQ1njWhB8Ov9RpEe6Jc8-wUH1w

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40D2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDebJxwvjvJlPXEmQu1cNCM&google_cver=1&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDebJxwvjvJlPXEmQu1cNCM&google_cver=1&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpi...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19&google_hm=SInYsIrCQpqndhgN6NWG3w==

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19&google_hm=SInYsIrCQpqndhgN6NWG3w==

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19&google_hm=SInYsIrCQpqndhgN6NWG3w==
date: Sat, 08 Jul 2023 10:36:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 40D2 43 B
245 B 73ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEICWzwZxO-xXkgluNC90U0U&google_cver=1&google_push=AaAOQGE5kjU2PBjD97DfTpjwuqFaJ83I1stPnFZY8ifDdWCwcMNodf8VUi7knf1MnDaJfrh0MKb-xHAKDMu8x0HdicrtfwTsdWQmUA
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40D2
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAPjuCZKKfGQl2MQmxucAoc&google_cver=1&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAPjuCZKKfGQl2MQmxucAoc&google_cver=1&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm29RPyhvGV3A&google_hm=G8h8vGZHEW6OMcotQJ2a5key

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm29RPyhvGV3A&google_hm=G8h8vGZHEW6OMcotQJ2a5key

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 08 Jul 2023 10:36:59 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEerRWkV57RI0lVjFwmSBna7VPS7BhA91p9pNjt21Bb4Fyce143tkM91Ou56Bks7E4Z8_QbliZfHF1EHjlAm29RPyhvGV3A&google_hm=G8h8vGZHEW6OMcotQJ2a5key
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40D2
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEGJaXUwVUR8WY2mSrkLb4g&google_cver=1&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0G_5LbM...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEGJaXUwVUR8WY2mSrkLb4g&google_cver=1&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_ZFUkazOQKmMVidb5GTsgA&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_ZFUkazOQKmMVidb5GTsgA&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0G_5LbMdbwNvAUQ

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_ZFUkazOQKmMVidb5GTsgA&google_push=AaAOQGEvm_VxKUrW9VbcSdYSBsG3dfBbGb6q6grOsYz9_4jKQVb5tTXGPupgiwjz-0KOTohor4NqImuajXvz1_Q0G_5LbMdbwNvAUQ
access-control-allow-origin: *
date: Sat, 08 Jul 2023 10:36:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 40D2 0
75 B 269ms
21ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEbEV2RiBvp_pk4IBRJ2TqY&google_cver=1&google_push=AaAOQGFjW3nhTsDWdZ1cu45QI1GIQXgsHLi7hDnEckUMWNFiLQOMsD76devg-pkdXPxHjXGqRNtSmpRoXYlqNc6gtDIdVBMXphKA3g
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40D2
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOLj5lNxp...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOL...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4889d8b0-8ac2-429a-a776-180de8d586df&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4889d8b0-8ac2-429a-a776-180de8d586df&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4889d8b0-8ac2-429a-a776-180de8d586df&%%GOOGLE_PUSH_PAIR%%
date: Sat, 08 Jul 2023 10:36:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 40D2 0
12 B 27ms
26ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbdiVfoXQiD25oFFeGuuWtjn52i-W0sNFWEEhzFFbUsnNydt71NrTDOU9QsjQzSwohhSvbyA

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A1B7 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoulJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1AJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzrens1a2lsOd19YnDPU1wqDxpneCTpV3mUVPxuVI8cgJtqeQORbF4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTg5Mjc0MzUzNDY2NTQ2NjcYj6eRAQ&sigh=U7HNQjrYg2E&uach_m=[UACH]&cid=CAQSOwBygQiDs0e2uJdQI5tF5ReAvuSvAyM-3iJJWFzwLC5um-HD-Wxzfm-hErcKyfOhHfUPX18PkU4mXmo4GAE&cbvp=2&vis=1
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A1B7 0
103 B 61ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hptw3k4br09bcj6fzn6fnz6jymbbgdefette979k0wav2m4brgh3g9cg45x5dqke17a9vga3hq0pkg4ejg4vgxnwcbjnv7gsxbh827db4r4gev06ye4s8nqtksy5gvve3am6pv7feran4a0bc4z1jbkpr34crs7sph59eaj1f8dj0pd98dygn77a5ywxkq6vkwct9cw7mcr47gwvycz2k8a7qmvjxj4n2fx54x5wty0me2t73kng91t3rzsyx339s25dxqwh1j48x8s19zjdfncgbqxv8yhwb8146xm4k9rkf7avmjerwzh6k1c7ptfjd4jsp88xkpywv4z4g6qgn0vvrn1g9796ne882qsp9rsaqxn9haq35mjp1v49xcps8pmdsm83kc0qgsc&b=ZKk8SgAKGegIEdgMAAMs3GHKSlpiu5ByTqnRag&cbvp=2
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 08 Jul 2023 10:36:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6F83 2 KB
1 KB 23ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1467067
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e37b075aed30378-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 08 Jul 2023 10:36:59 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jj6WyGd944hu6MhTJhvMGDdcflaGWewzDxAVXO%2F3diOpEy5e%2Fj46Y69MbkRrWasxNdKJL5iqeb03K8p8k%2FFkVBlgmiDc49Ma1s1Oh5U5m0E%2FkhQmlL4aBv2tWVr2C6ztgxsy1%2F0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 1213417872897242 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 132ms
132ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1213417872897242?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0231a170cb5204055696f44f744eec121d834462c11476f479ff523fe59d294c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: HekO/8CRH8dFDlxlBsKAYgaOl5uI+8dKIgp+gBRrgIx3NIezC0RwcgrQiH/tIc8XEtRPlkkzdAljVTABUT8wfw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1450266/71191499/ Frame EB7E 245 KB
74 KB 113ms
33ms Script
application/javascript 34.248.166.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1450266/71191499/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012305835&ias_pubId=pub-4894209870857905&ias_chanId=1&ias_placementId=20240023183&bidurl=https://creditosaibamais.com/e-bolsa-familia-150/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0g8QRIhkGZmGRp4Atz93h7d
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.166.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-166-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dbbc97570be1828460e926ceb5c92efa65afcc9928a71079551890266e3d12de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EB7E 111 KB
39 KB 65ms
14ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Origin: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame EB7E 11 KB
4 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUCff_9Vdwat0o8YJqfXd2ICaJYK89HPu9XAt9Gpd_RLFtDwYDiFa2OfVvWVRYf6L1JPpsdhMzGoujHMbwMACsluWb0h3l7BKJbbW6JvQVNYBtlt5tuMKsaOjQ3h7_9JCFHoP2ldIYhwaewVkdgpIJeoCioZi-1NKteASzbalsFS2Ui0k&dbm_d=AKAmf-Dc3XWP0ormp-abVbM-hQS4LE_kU3mkgTv3EgfH8tLBDS3p3LCIlRnebFCzWiSIb5sCxg_23uB3FuXgh0xw6w9RrVgCngQASnFz2kMIgXjl64RgL4c3v2xlAuHkqGVK-AEKnqhlX8EUacm0o3IJ44A3CQhl7280J-oUDUFHKT5ApcHBB3bKyTQDtsQmWWXz_RmEZN_vxbAIj0q3Ss1Wt1v7Jd-in9teodGsigPGLjZIYD7jVxEi-cnmkGwKABfqzfANNELhwfYIb03MF-63lll0_QTtfdiC9jdwhzkiSBcIbcudMordxoW8UJq0UrhIE9h0zEyzZjl4JmWj-cZxQyRrDzfbTAT5qqYU2dO_lYCzQ64cCVtnqdbNBXmQsz3DZ7U2CsXYk-_8xnecRAnn4mw9Jb-rIzm4sA1lX5Xh5Y3QP6vhhC5w_uAn75E7eQYdLUHiaC3_BsiPoGy8Xg-GqAnBjHmkh4M-4TL1eywsJJISqlRbq5LrtoJg96qqY4UxAvO8qb_w-gk2xIlHKRXYOFCVqaU7hGmexeRtzxkTSMeiXaS5l_Te50JvydljSHdU4FUAiG-LaQ4bkD9iTjGoMsW4ztCGp4GdaCATmkpJBpdRDsnos_zmXCFccI2wBqTecV9KooMYLVky4qPyscN5lcYe14KzqKSJKiH7i2HSOJrxi5ksgfqnb1k3ByCjKvcNXkXcK8OIPkLqThnMiVHMc1JFIbsOXlBoLpFnk9uII5-UAJH1Y7UIZZa-c-VBghMx-ksK_ZgqoaqsiQz08p5CW9WNprk-ANYo5OGTnQbjCjkAJsEroCIiHgNfCtLJRuudQVzBOBtcCseb7Ew8fIUTHajQd02Nh59WjAZ4LfN5HbFyt50h_w9ppER7X5hvdos1XtXcyPjQ_AU2CB6cbuaRoh_INArMW9Z-v3YjVEnH9JgiAu-pS2XW6kud9w-tif1mwxU0aSyIL5Opg1p96eNA5adZzUG1c7dQHbW6dyQUGecC7hDe6vEhJAU2tIvYtx28YrxoFsEKR5ol1XozyLwtSCiBYCmE93BSxVYIGTxbyEBfUsuMx8b01PvpTDvWMQ-dZHX3Zg50r1IMUid-jNwnqj9paFZy4QDRShVIYEZrXfXhcMmmhRH2B2xsoJ765saM0HPBtAsguYCsXWSIvn6Vq2gUI4dH5qfPN9JywrnZrRFi7OZwcMLIHaC1jsXPFTbnYCVDW5Aiq-4azXmEGqxXz2IiqBgUPPv-Iehe6cLEnymg-b3mqt7s_M972SM1rbFKQAaz5JAbyYlf5NPSt4aVAny18RZ4mQL-PuEgz0JrfPANY1ct2fQ_pKg8_kYWLQpDwCjfe1W58p1tHxZD52X4xtTSLdJxRAYZ1XXJSKJVeEAmMg1EoM84pBgVv5SkwyL-PcWM-UGiB7ZfZDMm6T6FORLFDWltpjFkkNsFk_-i7J8tOStI63_Y21WPafVnpBV-YH6i9vxvLpgwx1brYZLDn_BagGlrQTKPHcEGA_4Bzo-9iXR0O8FSvlH4ZB6ESGCG-GiVyWoWxLEigX5AcD24KZTln-nIULNqe4Tnd3jNiXV_e5MX--e-BRk_sQZRpu-J-OhOxfp_Edz9CZoMJ4dUV6MAiDGm0kYSMi2k_dNevmIqRCWju8ygbscBIAh7rebhyRNNHY8X_uFP_wDCBBaL69VVVywqMDqeAL9_DMVnrsPmTZ6Fj0r89JQ5MOstqccfCT36_cGyskzoldTN8Wwyl8oJQvRbGHF-7ZS57vYSGzTHyVJ9N-2GQGKoSWCC_JWXCkRdqD1c1ENKiRSot3_0VfZxHpUqZO3i-hmKGSfyw1kztePOSb1OXIKeLQvYowwQbYtsIHXMmzPzon4e2XPTWeR0-jh6mA77V1KwPXJ5l1qGbkbg24bUQECe-buqsLqjmEDhsjQq8WFxE49S9uSP13YBaRwHPZr6jJtD12MoV_UDQScEqBxICGfuMD-kHluKYGyEqpw_CzP6lIrL40cX8OhANQMG1mLrq4JZK_Y-gWQtfmXTit86wr8G1zItevt8ffjppf-k0jP3WmU2RetL-7YHtvsi8qqMmsHSa03_3y7vxN3UmGtb5VbNaEq0zXJ2lR5eKyn4jCWQPM9blZcc2e5IsoW6HhBgayAf-bSJ9TrDPdBBwJK7rH79p1l-5LoMhVYqJurb8azu4qb6gtfR1LpYBaMG56lAiAF-1ebJYJ84DDLtVXEJwHaoC8QwUU_yq4N23NDX985scs9H0HMTdYLMYFU2I-ClwmHazdZfgvcqbEwEWHfE0frTPclJCgjVThHzkFQ-qqVLyfn0V_-at-5lO6LxI5Wk6h6K0YHFcnSNgTJggP29CAiFH_7J5oDjyjrInleZWDcfuSJinin9UqAX-HJoRmYpC7LCyNZrVH9kiiyKjA_tsKDCr5SpssTB24qKXWb0HpwO7HVscAVJ5Da3F60X7h3MiHBLkdeoGPSu_ZFP-7PNVfojm6rSm0yTx2Ms2fKydzWf0_dCpLDmLPAl_HMVcc57COodcb3JtjDMNd1CIBid0V63XH2wZA_Pu-3fP2Dd1ZdlUwsE-uysnw83alp8a6xBmy_vk4wtdqoeAvS87AzaUkqbH3sOeClgyZj3zkzaFzv0eofR_cPE_UcCvgRdbqpKWt7Y80pveIgZEqQRxbYxzFzPlqSMUNjBehXpNEVLqaSZvzhqwVk_TgfkNH9O9yJMJOXB-7FSoN28JeBp3LwHYSxHLwROKuGLmwFFwfRqsBVqBP93coOJBg1-sa0KmbnWCI6MvjpEB_O_31neDCZLFu7JBzJVUgdP6IJr57f7W20VdRtFfB9OS6rw-EoWgVfSAwL_LnKplPylkL8M45MfBRaxaEGl9TN76UDScYlKBtOVj7WSxbK_mACfGZvc68xRhacoPD5cyi9wzWmEBpaGQyAZ6iMPX6Bfv4mqeO02q5LRqFIDXbPdY2efrR7az4SQZuUg3Y9_rikN8BiOeWsgm6EE3TkopZhG2_QQ--ic_luL_qq_7oJ84f_KY0a-B6CV_M6WxxkeWHRB7Zgd4KUmtfjKFx3O0TuWF5CDy9dzTxRK_RJxa9KWqXmAAFohEwYXhdQBQiAGi3y6aDQNuRtKVRhDyO4JBSsjDCpGVYQ9dj966TyTSQuGH6OFBzENEepoKCJYQ8S5dDn7aKs4UYoeGw_9AmVDJZvGAO0jdAqVenvrGvHw1mrA_ypdATf7mx5-cOpDURtsaxVxtnso2svLpcRduLAN6MBu6Q33b89ap4D1NB-i1OOJ5Wccd_1GTHDLUWqVvfhXHVewvwEhCfjqIK0LVw31zzsA4_GgiZ3WFvSKa0jNHmS9Y-FK0bfkvzNzjYvwEnXRBkVAoJAVPZdsbgfXVDSWVonqjwqK76R55628xZ9JCeSLQxokLZ5f6Nyr6qJy6qyqfaUE1k7U8Hisrt14BDpX4OBQyZogz-i1OMgUq9uiOreKlD-m6XeF9AYPB5HJBFeNHRO-3Cu6M7qqp4y-2kyrnFb1wjtqUgFl6vNHdcIBeS0yU_c-Gv_PYUskme0yY4ELd5mTVXK2mKQfejMXTBf09cdpOH2HUvOOr-Dljkj9C3fRj8x6pKfIDzoC4Ei-rFXyKnkkdj91-WLHhr5KCwKm-i3U8d3e4qRVKUCb6fZB7KdtGCF4DbqLfGbB6wSu8PwzgDwR8Dmui8mfk909WJKuRhDZ9QIfydUGXfyJzDX_cLRbm5goW3ZfVQ&cid=CAQSPABpAlJWP8Da-T8Xcoo5-2AuzAzyWrrnm9xgewH5PgY386rQTOuQbCMfTcIfyqRPCLYfGyyybgyoLkewMhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fcreditosaibamais.com%2F&ds=l&xdt=1&iif=1&cor=1908657309137392400&adk=3047537735&idt=65&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:15:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame EB7E 30 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:16:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EB7E 41 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 59E7 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sat, 08 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EB7E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922dbf28ecc4bd7341bb01fb1f64c367b6cbd4a96db57935b39b3dbe35cce6cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 59E7
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKxndtno8_YiP0nSOxu9Cq8&google_cver=1&google_push=AaAOQGGUIM2VqNv_GqGyU4LI947F9gEKJgvRs6wD4ZbJLGkUP6EQk9BYoc...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGUIM2VqNv_GqGyU4LI947F9gEKJgvRs6wD4ZbJLGkUP6EQk9BYoczxXXvjUnneuVD-WUguxNLr_qCEZuRXOyVjYu3LhtAo&google_hm=IvpHx9WEF8Q2...

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGUIM2VqNv_GqGyU4LI947F9gEKJgvRs6wD4ZbJLGkUP6EQk9BYoczxXXvjUnneuVD-WUguxNLr_qCEZuRXOyVjYu3LhtAo&google_hm=IvpHx9WEF8Q2fXKYkTOMSw

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGUIM2VqNv_GqGyU4LI947F9gEKJgvRs6wD4ZbJLGkUP6EQk9BYoczxXXvjUnneuVD-WUguxNLr_qCEZuRXOyVjYu3LhtAo&google_hm=IvpHx9WEF8Q2fXKYkTOMSw
date: Sat, 08 Jul 2023 10:36:59 GMT
cache-control: private, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame 59E7 43 B
391 B 193ms
189ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEOgNTltXzn0aKE_XS-YnvZY&google_cver=1&google_push=AaAOQGHchtJUiSAgOH5ALD926TxlvGt0czt7n-VZRJrAU22BB-4T6Cnnppoc0rMnDXAmKYSLMVaXQJ1s9fmsaAXAMyI2GpF08YrT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHchtJUiSAgOH5ALD926TxlvGt0czt7n-VZRJrAU22BB-4T6Cnnppoc0rMnDXAmKYSLMVaXQJ1s9fmsaAXAMyI2GpF08YrT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e37b0762bf1085b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 59E7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENoAAqahJHsM9ZydPrBscK4&google_cver=1&google_push=AaAOQGFZcIRnPL3HkslMH3gfMyiiqstX2DKLy8e9oGFI0oQc6MwOpLzoeEksKl1WEzd4FSgcJIo5TO-pxGD0Hi7r6OPAKujOhgHB
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFZcIRnPL3HkslMH3gfMyiiqstX2DKLy8e9oGFI0oQc6MwOpLzoeEksKl1WEzd4FSgcJIo5TO-pxGD0Hi7...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFZcIRnPL3HkslMH3gfMyiiqstX2DKLy8e9oGFI0oQc6MwOpLzoeEksKl1WEzd4FSgcJIo5TO-pxGD0Hi7r6OPAKujOhgHB

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 08 Jul 2023 10:36:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=59562F31D6AE485F88BC48C0AC0B71A0&google_push=AaAOQGFZcIRnPL3HkslMH3gfMyiiqstX2DKLy8e9oGFI0oQc6MwOpLzoeEksKl1WEzd4FSgcJIo5TO-pxGD0Hi7r6OPAKujOhgHB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 07 Jul 2023 10:36:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 59E7
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBdovT1IRkNUirZyKfaKT7g&google_cver=1&google_push=AaAOQGHA5FpL0lQCFTtfZBou46lQzKlza_3XSRnUMQeINl1rr6lqgLdrEmCEwSqCrQxXO-J7YhP6e2Ts9Dn3QREJ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHA5FpL0lQCFTtfZBou46lQzKlza_3XSRnUMQeINl1rr6lqgLdrEmCEwSqCrQxXO-J7YhP6e2Ts9Dn3QREJkJr-EFXcGp03

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHA5FpL0lQCFTtfZBou46lQzKlza_3XSRnUMQeINl1rr6lqgLdrEmCEwSqCrQxXO-J7YhP6e2Ts9Dn3QREJkJr-EFXcGp03

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 08 Jul 2023 10:36:59 GMT
via: 1.1 8ac1a27a8fede22f241f081ad0edec42.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHA5FpL0lQCFTtfZBou46lQzKlza_3XSRnUMQeINl1rr6lqgLdrEmCEwSqCrQxXO-J7YhP6e2Ts9Dn3QREJkJr-EFXcGp03
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: PZaznLcOb8xdHaLL7XAbVY5oeVH5cHI7qo8pLS961XD0cVd3zZf_7w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 59E7
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIUvkVIe1F6lYYO9bXfjxpA&google_cver=1&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128l
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg1MjAyMjE5ODA4MTY1MzY2OTM5MA%3D%3D&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0x...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg1MjAyMjE5ODA4MTY1MzY2OTM5MA%3D%3D&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128l

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg1MjAyMjE5ODA4MTY1MzY2OTM5MA%3D%3D&google_push=AaAOQGE62gr1biHvbP0DdEa1WnUkSV_0Em17IL2Tno14VbOyrB2Vux0xX_XP7dwPisxIW8VfMWbj8cIsMV7jTK8pB3s2AbF_128l
date: Sat, 08 Jul 2023 10:36:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 59E7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOXo29bIiA6542l3lrc7M0I&google_cver=1&google_push=AaAOQGGlV4WwwWCqUEq_4vRfmIrHaP1crk8PZibs7l2AW6Ijo0f6tFgMwjGNNiiEX60OCEy2PiQOX8Ai78l...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGlV4WwwWCqUEq_4vRfmIrHaP1crk8PZibs7l2AW6Ijo0f6tFgMwjGNNiiEX60OCEy2PiQOX8Ai78lp2n_fJ45ZRtFIYDwzEw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

14ms
14ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 59E7
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBEDPh-4TM8-yUO0VepuiV8&google_cver=1&google_push=AaAOQGEnJQ8YDckQB...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D&google_gid=CAESEBEDPh-4TM8-yUO0VepuiV8&google_cver=1&google_push=AaAOQGEnJQ8YDckQBiGMvk3w8GkzSnoLmL...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D&google_gid=CAESEBEDPh-4TM8-yUO0VepuiV8&google_cver=1&google_push=AaAOQGEnJQ8YDckQBiGMvk3w8GkzSnoLmLzqaceUrmexnoIr3p75kPqWt-tXizrvzdPG4d4HExhFV2QaOkC8OOfr0CGxwaMCaZePAQ

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
an-x-request-uuid: 70a0f3f1-e942-41cf-b079-279fc7a79103
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjAyMjUwODU1NzYxODkyODQ3OQ%3D%3D&google_gid=CAESEBEDPh-4TM8-yUO0VepuiV8&google_cver=1&google_push=AaAOQGEnJQ8YDckQBiGMvk3w8GkzSnoLmLzqaceUrmexnoIr3p75kPqWt-tXizrvzdPG4d4HExhFV2QaOkC8OOfr0CGxwaMCaZePAQ
x-proxy-origin: 178.162.209.138; 178.162.209.138; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 59E7 0
12 B 23ms
21ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kjv9nQYLGXq5vEBG6Qitued9_t2OL_mCr6wSzj9nbcs4PvwHBUiZATl02lD9Lh_NxgC1OnEcY

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F86 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 155049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 7F95 222 KB
61 KB 91ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 235568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7F95 15 KB
5 KB 123ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 22:13:03 GMT
age: 131036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jul 2024 22:13:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7F95 94 KB
28 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 238684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7F95 5 KB
2 KB 122ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 238675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7F95 40 KB
13 KB 120ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 238681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7F95 6 KB
706 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 10:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 08:45:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 10:36:59 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7F95 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 15:05:21 GMT
x-content-type-options: nosniff
server: cafe
age: 70298
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 Jul 2023 15:05:21 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7F95 344 B
368 B 14ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 55990
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 08 Jul 2023 19:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7F95 0
0 23ms
23ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVMsp7XEMCMc_-0fiukQUewCaOdzFrSE_ShFTxjKIemCxkc0lyk04XD0hy_7OPjSYaEa6ordOgvw5KMbqQ6nED9qGR-g
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/ Frame 2593 6 KB
2 KB 55ms
26ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed57e4e386f0ea1868d9d4109261a8ec197f5b9ab81b8227bf3142c7f64a643a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 141740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1835
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 19:14:39 GMT
expires: Fri, 05 Jul 2024 19:14:39 GMT
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB7E 0
0 115ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAQNeEGXksZWaW_j4ROsa_IzZ0WXghIXnzzippSoikRju-zpeGt7I1-PO-prUdUZqNjmm9i7RY24BYIJXi_G82Jrn_-7aALLr5IkUMmMb55V6mrIyS81GFGaxrFHiaLaOzOdbbE5nRM_owqI8cXRlDlayq1QZ4HbfMdZ7lIu3U0vrFLv66qmU0-U4oj8iDw7AK8-7xP-YTxZ49G4wK1NYa3lnm7xpt5wznK8PK3jGjJ5g0BdhKjftG0e8q_TpFQ4Ea5NyhalvQQy9DBUxdeK94H4Qojx-LlIH8cicJd6D6Ui-LL6P47U-ouVVQhwLzjvSzzsFVWXcftLdiZdtxNFwmUX2HFQB8STabSJutcS6wXlUhO2M_eFS9CvVrMg21wHhWmcZ_9_pe74lVCHQ4bOhEw8ZyMzPjJbtDTYX4Sz5CgRevqOqajB2wyilTQBPQ0Tye57tlVJQWHkanSFWZ5RbKO8n-JseBuPDUbdFGuuG5sdzDT3HCV_uRF84IrJbd5Ac7A_yO2O1wevuKnIlvnq8EtEjdySO8yCR-65QglyaNuTIBlGue2EpflNoDULzPZg6Horeh5IqIQ84PEb_LP3q07LTi3wJ-WGQ5z003hPDG_8zIRM6gEJfleB3KB5Un61Ps0hoIE97eF5KKNHXcur3HdqQoEbgl3Pf41hTS6Gtr22ofozeHM6n2x7T9XpX2uqDYNbBbKbg085-hQEmddng4o2_KZ4Yp_x0K0NYLoypSmvgjSVYD0EI5gVN53HPJ6Mmk_yh6gMRlre2Gj8GJWKrnq2XmWoTXukyKhHvSNuI7D4qD8XSyZZG3658UmlZc_z8og7ThyYw1G3wyGifbZFoznOewn23E7xDLbjykak22Tm0r-dZfWcLf6EU5femhR5AUG1tOTPef4zV0ZHp3qCOC_xf41EdAznUybmq5ArPO5f42RCWCYqz-oyj2kGGDb1tJ__YnLNby0wz7PnZOCrRdC-twm7Atep24lOUJeAZmBSH51qTDVH00PaH5-oX75icYZNeLEMZ4jwmpOs6ZPwzeKSLdUvs2vh4HfDdaMMCHhLZgZMPEwNP_rDpCq9G3hTtM69vZqHSSaGj_V5atWSxzDyMwv_Uz_zTlvIkFp6MBVJWkC3fldOQ0mdAqzKfWRiZq1AWpAv2xJwDWHgljaaarhD1oHANilXAN_L4L90lXyGMPYY7Na13r4OVN-T-4zxk80hedeU7RLYVOSKUwwS3T48XwSi0i3ZQctzBWrhpeFgOcT9HRILNuxXFUYumEjhROeoMjUvJ27o9jAqA8XPQKbbRnKjRWkyj7UXv3QyRwa5MGhYalipUpXS1TUNIR2Yclw46axV-OcYN8QiVmQz6YUrnicnuCPuMUlyD8vpU&sai=AMfl-YRQ6ihbflqno8MbKE0A-5IihPAebK770R-sbiWQJKKHrhqUWUC0e7gePKJ042P-2ALzs3gqDElmfgIbS_lFJc-Bvff7HHjub3DvGa4ptgXEcGfbxXrMQxKGhutf2lxcViun_f-P67ZIPGn3tgbURINCLLLp4VoP2NQLz84ryG3veNWZtFexAB81uTbGK4eLaVbFcXGocxnf554FQPYD_bjdglWyWpxqhXfYQh6t8qpuuO1Il4cpaUuszaPbgVfMnXr5d352CDnU81TR6PydVmxRA148EJE&sig=Cg0ArKJSzEMe5XQm80FEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&cbvp=1&cstd=116&cisv=r20230705.94322&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 10:36:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 10:36:59 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F86 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 10:33:05 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 7BDA 1 KB
2 KB 32ms
31ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ec339f2909bc40e2697423a7f7c387e231362bf91151ff8311a206e490b35d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0HIXAIu8pKjpZ7rzSb83zGQOamZTwsl6LIZgOO1IsCyTKCfibHdJKZnwLsjDLI92rKRIT5pGCUKP%2FCZJi%2BIESCckj1Mdx2r4s%2BwSQ2qZPNoJsymc%2FEMmZwTUug%2FwWXiB4qVsIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e37b076cff21945-FRA
x-backend-server: aa-reachservice-group-europe-west1-5z6c
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 42ms
31ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e37b0769fad1945-FRA
content-length: 24
content-type: text/plain
date: Sat, 08 Jul 2023 10:36:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ4bACZI3T4V62GXDe4TDP%2BQRGSWIEsm8TFRjPzEGFDOOClKhLYUN8q7MtrDx0Rr6AbCinunTatT9fd9qv6SfCFA6sHCkdw92eK7GxyKEDeGMvU9Tcj3zJ3NDag8LGdDBare7KU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5z6c

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/ Frame 2593 3 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517b5b29ec6d14cf27d10e562ca677177233a78b5213a7d0e304d31580004491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1154
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:22 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2593 57 KB
23 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 10:36:59 GMT

GET
H3 200 imagesloaded.pkgd.min.js Show response
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/libs/ Frame 2593 5 KB
2 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/libs/imagesloaded.pkgd.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1810
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:22 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/ Frame 2593 6 KB
1 KB 16ms
16ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/animation.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b5f517cbb796d499b49a4d5a1e93212d72a1e73e2690c365074b90b1ac9c169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:22 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame EB7E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1450266/71191499/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012305835&ias_pubId=pub-4894209870857905&ias_chanId=1&ias_placementId=20240023183&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SzypZPZny7rH8A-IvKDoBw&cbFunctionName=goog_wrapCb_SzypZPZny7rH8A-IvKDoBw&true_pb=https%3A%2F%2Fstatic.adsafe...

1 KB
1 KB

14ms
13ms

Script
application/javascript

2600:9000:238d:ae00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SzypZPZny7rH8A-IvKDoBw&cbFunctionName=goog_wrapCb_SzypZPZny7rH8A-IvKDoBw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:238d:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:42:05 GMT
x-amz-version-id: 9RHQ6Zwvantw3tPcQYBPlQTI5ffoge3v
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 226495
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 05 Jul 2023 19:42:01 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: RBJrT1qKSy04x6xZ0SHz7RDMvzwgpB8a52nZRekWusUqrSaJGDGucw==

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SzypZPZny7rH8A-IvKDoBw&cbFunctionName=goog_wrapCb_SzypZPZny7rH8A-IvKDoBw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame AD32 91 KB
23 KB 64ms
14ms Script
application/javascript 2600:9000:238d:ae00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:56:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 8714460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Y1V8cHfjH91mGjLxy98nWp0E89-pvwvVnyYldLfZxW3-SL6ChlVizw==

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A8BB 5 KB
3 KB 32ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc5bb8602d145911a5b5b784bf2338c30a3a137b8f6a2c2fb73761afcac0b15

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e37b07749470378-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:36:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 322ms
95ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRaWM,pingTime:-3,time:46,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:0,renddet:na,siq:19%7D&br=c
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 318ms
94ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRaWO,pingTime:-6,time:48,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:0,renddet:na,siq:19%7D&tpiLookup=ao:creditosaibamais.com*&br=c
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
216 B 291ms
93ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRaXh,pingTime:-2,time:77,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:559,beZ:560,mfA:562,cmA:563,inA:563,inZ:567,prA:567,prZ:572,si:577,poA:578,poZ:597,cmZ:597,mfZ:597,loA:606,loZ:609,ltA:635,ltZ:635%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:77,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:19,sinceFw:57,readyFired:true%7D&br=c
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 bg1.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 149 KB
149 KB 14ms
14ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/bg1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06f3e2d11ae8d13ec4972e9735e56c690bfd2ebd0ab3dddc7e139823aa68a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 01:01:28 GMT
x-content-type-options: nosniff
age: 293731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152515
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jul 2024 01:01:28 GMT

GET
H3 200 bg2.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 118 KB
118 KB 19ms
18ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/bg2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76bc0515b8cbe534a349d706c29670a6905c795dc72771758572f6ba2cee3d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:23 GMT
x-content-type-options: nosniff
age: 141756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120457
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:23 GMT

GET
H3 200 symbol.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 386 B
413 B 25ms
23ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/symbol.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cae92b6720ec25a723beb4aacb4f5a13eef11dca7103dd8e9579fe0b410280c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:23 GMT
x-content-type-options: nosniff
age: 141756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 386
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:23 GMT

GET
H3 200 symbol_last.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 416 B
443 B 25ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/symbol_last.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb886e724b7045c177503cc02fe83cc95f1c5f611d7a49423125668d96bed22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 16:12:25 GMT
x-content-type-options: nosniff
age: 584674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 16:12:25 GMT

GET
H3 200 txt1_L1.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 2 KB
2 KB 18ms
17ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt1_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ae5ff9dd11b29accfa98dc487601463702ba29e4a1fb50ac887cf3a27b7d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:02:28 GMT
x-content-type-options: nosniff
age: 542071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1965
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Jul 2024 04:02:28 GMT

GET
H3 200 txt1_L2.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 1 KB
1 KB 29ms
27ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt1_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34d19139fa9065fdb1b2cc41071fa394aabb44dbd59b6e4f0b7b34ca37bf2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 16:16:13 GMT
x-content-type-options: nosniff
age: 584446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1479
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 16:16:13 GMT

GET
H3 200 txt2_L1.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 2 KB
2 KB 28ms
27ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt2_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c85a8aa65067d5e66e262e065206b90b5477f00c755cb6305e620a55359dcfc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:06:59 GMT
x-content-type-options: nosniff
age: 297000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1548
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jul 2024 00:06:59 GMT

GET
H3 200 txt2_L2.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 1 KB
1 KB 28ms
26ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt2_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f953399a813f6fba620287c04c112ec8eaaf135a8a21e9577e324cde88085a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:23 GMT
x-content-type-options: nosniff
age: 141756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1315
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:23 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 2 KB
2 KB 26ms
25ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288624bba893e4d8b459ed92ec649c4dff0062897be453cae754c799b513b1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:23 GMT
x-content-type-options: nosniff
age: 141756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1942
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:23 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 981 B
1008 B 25ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b96f7c909bf426eb41e8d63b19ee5da9288e3c3e9d4fc6197c900a524ad425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:23 GMT
x-content-type-options: nosniff
age: 141756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 981
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:23 GMT

GET
H3 200 circle.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 754 B
781 B 27ms
25ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/circle.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcd65701429a1b8345f23ca44dec6bbd65db04667a710190513836051def6a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:14:23 GMT
x-content-type-options: nosniff
age: 141756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 754
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 19:14:23 GMT

GET
H3 200 arrow.png
s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2593 360 B
387 B 26ms
25ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/arrow.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd33afcbd1e6821616e4b921242b16d53e7cd2b1142023f86d4b20393b5a3716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6746573009925416408/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:33:29 GMT
x-content-type-options: nosniff
age: 210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 09:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jul 2024 10:33:29 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame A8BB 114 KB
14 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 861833
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NxgdNWEEZeR4Z3rq2uOPn29Hw566oSZGvfPf8Rlif0k3yi%2Bzy%2FefPYacrWcXZcWIngpa%2B%2FTBR9JHRIqkT%2B%2B4iobS%2Fi%2BRm5EV%2B8bS8FgOLXRlQBjFb6u3X4H753vhRO13vCQwpWcRqU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e37b07789a80378-FRA
expires: Sat, 08 Jul 2023 11:36:59 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame A8BB 5 KB
5 KB 26ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2570589
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWlHVw%2B5%2BHzPFEy%2BQc6WX5GBciDkL21SoMB0oUaPDe5HwXoUGwjSsGc5J%2FPkzyX2aE4JH8VR2gyDbCmhqeUc7FUvXtdc4NLJVewWfLKegQM9%2F4huXl0Js6XceU5KGS0XpSzsm5Q%2BtDtozDIV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e37b0779ae437f7-FRA
expires: Sun, 09 Jul 2023 10:36:59 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame A8BB 91 KB
91 KB 24ms
21ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2475158
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD8If%2BcXBI%2BrM%2BjgnVJhFFPhWBPTMMaPbRktq0oMgnRcBuahejfC9Wa9c92tvGjHj0hRo7u%2FL16A1HSszmugbFOm0EKQwB1jEmmV2yaLEJLB%2FN5DXROaxdDPZ6zSABmbGlmLa6aHlJDWkjOy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e37b077b9d70378-FRA
expires: Sun, 09 Jul 2023 10:36:59 GMT

GET
H2 429 link.html
track.webgains.com/ Frame A8BB 0
0 92ms
30ms Script
text/html 13.42.188.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgwh6xw9bzy96sc30y2np6pjb6tj59d87h6s7j1272vw00hsqzz4yfbc6saq9tqqxabdrxpkpnnbzwq174ncjpsf4pxe90xcw38tnan5xxe0cxm886kwv2k30agapj8repsz3xrwk8n3a8dcv8vbctepy8yx68gs9pvek0pkpwctd1204pbqfwkaem041anbx32058vx2asrcv9q2fkpesdg36bk5z99zzebps1x31t166k8az8v3fqk6h32seg3fwvy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%252526client%25253Dca-pub-8927435346654667%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.188.208 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 2740767399393350 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 143ms
143ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2740767399393350?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cca1d217dfa402be35f14c0581cd97def322243e07376827927fa45e4eb02173

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: fCYz9qGHn7vG3g9k8B0Y1kEoxcCp82X3YyvAWmumfLhNzxMHp94kuKgNEviJ0g0StHjI54OeNPGXQclcym5+zg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB7E 0
0 52ms
51ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAQNeEGXksZWaW_j4ROsa_IzZ0WXghIXnzzippSoikRju-zpeGt7I1-PO-prUdUZqNjmm9i7RY24BYIJXi_G82Jrn_-7aALLr5IkUMmMb55V6mrIyS81GFGaxrFHiaLaOzOdbbE5nRM_owqI8cXRlDlayq1QZ4HbfMdZ7lIu3U0vrFLv66qmU0-U4oj8iDw7AK8-7xP-YTxZ49G4wK1NYa3lnm7xpt5wznK8PK3jGjJ5g0BdhKjftG0e8q_TpFQ4Ea5NyhalvQQy9DBUxdeK94H4Qojx-LlIH8cicJd6D6Ui-LL6P47U-ouVVQhwLzjvSzzsFVWXcftLdiZdtxNFwmUX2HFQB8STabSJutcS6wXlUhO2M_eFS9CvVrMg21wHhWmcZ_9_pe74lVCHQ4bOhEw8ZyMzPjJbtDTYX4Sz5CgRevqOqajB2wyilTQBPQ0Tye57tlVJQWHkanSFWZ5RbKO8n-JseBuPDUbdFGuuG5sdzDT3HCV_uRF84IrJbd5Ac7A_yO2O1wevuKnIlvnq8EtEjdySO8yCR-65QglyaNuTIBlGue2EpflNoDULzPZg6Horeh5IqIQ84PEb_LP3q07LTi3wJ-WGQ5z003hPDG_8zIRM6gEJfleB3KB5Un61Ps0hoIE97eF5KKNHXcur3HdqQoEbgl3Pf41hTS6Gtr22ofozeHM6n2x7T9XpX2uqDYNbBbKbg085-hQEmddng4o2_KZ4Yp_x0K0NYLoypSmvgjSVYD0EI5gVN53HPJ6Mmk_yh6gMRlre2Gj8GJWKrnq2XmWoTXukyKhHvSNuI7D4qD8XSyZZG3658UmlZc_z8og7ThyYw1G3wyGifbZFoznOewn23E7xDLbjykak22Tm0r-dZfWcLf6EU5femhR5AUG1tOTPef4zV0ZHp3qCOC_xf41EdAznUybmq5ArPO5f42RCWCYqz-oyj2kGGDb1tJ__YnLNby0wz7PnZOCrRdC-twm7Atep24lOUJeAZmBSH51qTDVH00PaH5-oX75icYZNeLEMZ4jwmpOs6ZPwzeKSLdUvs2vh4HfDdaMMCHhLZgZMPEwNP_rDpCq9G3hTtM69vZqHSSaGj_V5atWSxzDyMwv_Uz_zTlvIkFp6MBVJWkC3fldOQ0mdAqzKfWRiZq1AWpAv2xJwDWHgljaaarhD1oHANilXAN_L4L90lXyGMPYY7Na13r4OVN-T-4zxk80hedeU7RLYVOSKUwwS3T48XwSi0i3ZQctzBWrhpeFgOcT9HRILNuxXFUYumEjhROeoMjUvJ27o9jAqA8XPQKbbRnKjRWkyj7UXv3QyRwa5MGhYalipUpXS1TUNIR2Yclw46axV-OcYN8QiVmQz6YUrnicnuCPuMUlyD8vpU&sai=AMfl-YRQ6ihbflqno8MbKE0A-5IihPAebK770R-sbiWQJKKHrhqUWUC0e7gePKJ042P-2ALzs3gqDElmfgIbS_lFJc-Bvff7HHjub3DvGa4ptgXEcGfbxXrMQxKGhutf2lxcViun_f-P67ZIPGn3tgbURINCLLLp4VoP2NQLz84ryG3veNWZtFexAB81uTbGK4eLaVbFcXGocxnf554FQPYD_bjdglWyWpxqhXfYQh6t8qpuuO1Il4cpaUuszaPbgVfMnXr5d352CDnU81TR6PydVmxRA148EJE&sig=Cg0ArKJSzEMe5XQm80FEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=370&vt=11&dtpt=252&dett=3&cstd=116&cisv=r20230705.94322&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 10:36:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F86 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKRPmSzypZPZny7rH8A-IvKDoBwAAAAA4AeAEAg&bg=!MTKlMmbNAAb90kgr3dI7ADkAdvg8WhUzRnPuuCyPOa3hNV2crTL-BZXQNGtqBNZGWx9zdMFZ-Do71lWjBYwgpEusS3C-5C5GsHMCAAABAVIAAAAHaAEHmQL4-WPayI79JDmWFNZmREo4eABlfsgvxc_vobUiWmttl_GphCdUBVq5aQuxoHgrEFdxJub_IM6zBWxPprAqKkgar-hEPVZn1gVLLBGeD_ygFKnFqm8tTLD3lU0ml2WOY8bPpyQVNlr3DnmpNcGs6iHGfMDUDHDXKTD1DbWGG8Jkv3uxi7_xloZC0Sz1QW--OOlCI1q4azNrG8U9ZdWnPnXMmurGzHvKnSpQxv3XzDLUJirqewsvow5mjtmdqUQcjhb9uKU5mfgLHp7BsvKfBVlH7qOx4LQv8xILU__iAS7g2AueDErbuBbW_y_sNLOosPHBUpmT7M7x_0cEPYfdNzWWOkXf8KtJb5Qp9puWmh-K778kqSZa4BnN-EOpiDhT60zOc_uJGPNrUqP9-W3JrVG_qkNdAG0LLWT6PrENyN8phHp8QMNXEQsMMh9nYPW0RhHnsQOKtpfjGxQHU8vNMmZCUTf0Wofm-y-ytAsWNPo8Oa2mPy2-MQLY22If3j0LBzhmi2QEPfIzWusMBXKx85z6YhQe_3XyorvRgYutnVhB9c-g-0o4HEC1Ltj8bHnZqJx5QUEUS_IY5t9T3cqBZaGQZuRxYrlB-Ca50OgTHP6N10hLUIr5Z5gqskKl2PBq3yaRk4TmBbMut44zjSIRZclCS34C5mQBZyJ77jD8VcIdAB5O0rBvOm813_MfZVFFpeXqQ3iPq57Wfb2farxQn9w8T-7NM0BTgy5f1TeYdutj2dla6mjXwVlKdO_LaqTYXvtPgTJ90zKQOlV_hzBNZH3SOTnUzF5gAYDr2jnetjylQ4V6goUVaH557DtotWsRHtv__K6t2eSroxala7ZCoDl2skKnk9yVKU0JgSYRDrvBBbizaHfAB5a6cgCWYiEE_tWByaBv53PbQDpfwrMzciRQb0XtOqr4o3M54fjhUHgVGNt2bET6dw1C0icJDizY_QiKJslP3sWk3duCaTfCEJaCD46wVhdBsd63sc2JDTZ75d0Rdbi6TL5TEA

Requested by

Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 137ms
94ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRaZK,time:230,type:e,im:%7Bpci:%7Btdr:149%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:230,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B225~0%5D,as:%5B225~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:19,sis:176%7D&br=c
Requested by: Host: 6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
URL: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 9038410082867569 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 140ms
140ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/9038410082867569?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46baa2a6f37fa5c72a78c3f0db33d5a626985b4f9ce5fb1d5ba9bd8360c1b307

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:36:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 884AmX0t3RRMgA/udmgSpTuf32/hKhFqkMRNxiHUBYQivhDIBNT+xbFK6fMe8UzTn0EyYGiHYWDaB7JZcBqb4A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 95ms
94ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRb3r,pingTime:-10,time:459,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688812619817%7C%7Cfdcc293fa4ac23d13f8fdc49959c45a3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C2cbf6d23d05193a11b60c89cf8c4af60%7C%7C9b533bfe1765f2d31584872e9b51b74c%7C%7Cfb09ee2bea9e1ae0f40f7faed625f750%7C%7C974f31bbd876eab84e6089921cf4d923%7C%7Cac935dc8998e3565907de5b7323b8fa0%7C%7C1663701684%7D
Requested by: Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:36:59 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 507317848148093 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 136ms
135ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/507317848148093?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f66cf2042fc283bc05b96d871ec742da1c1198a13eb0cad4053b34c9ff844b0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 58JVSO4OokzKNVjG/yz88zlK6u4qzLdtMphpG0vO23/rCUg9LURDraNfkGPiX4oeIRJxqx6PQWBX2OdUkpOeVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 886845122549418 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 145ms
145ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/886845122549418?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b99c7c09885b47e4b8a468e181a901ccf21506733c228d34b8165a207c272cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: PWMWUs3kLqLzyy4FLR9fOLT1jnX6kkjnlbhnYLRKwhGdr6ma8hzdNHRLzlrsCGHnrPGRJYoMBVBWtHKaJFhU0A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB7E 42 B
64 B 51ms
50ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHAHbFamY8fOSr8DrvgEYkGsoKeY_DuQzZo3ykmNsfJhQEE9bHeWOp0YSxYTHgacSmY3bi_KEKxEOP9JCT45_3sKqU07sFC6TNz0-WKl1yIR-UL73O9d4FuGhmGSemr_k&sai=AMfl-YS98MlwyaXR58ExTBUhEaCFi2StBtSFiZVpHko3i9aZY7NNp7pdmrci6F0iEjhWqCJR3Z_pz8U4v7sSuLd5HN078xl8lrXjfcmA2T2eZa1jzEeUmn9tX5YrNEuo&sig=Cg0ArKJSzP1SpH22CO4-EAE&cid=CAQSPABpAlJWP8Da-T8Xcoo5-2AuzAzyWrrnm9xgewH5PgY386rQTOuQbCMfTcIfyqRPCLYfGyyybgyoLkewMhgB&id=lidar2&mcvt=1000&p=113,650,363,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3380625579&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688812618800&rpt=380&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:37:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 851723189461274 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/851723189461274?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

905818c5ad86a8e5eda295d9f8479b3939d5bb71ef1fc5ecb6ba5bfa401fa9fe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: STit5We30Yp635ctFi56dJsjO3ZQgKSpJCo7dI108icOAIcDODheG0Wtuv5eIjlkxHhORhHrSkKAvcga09JHcQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 10ms
6ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1537353300119728&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620408&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 13ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897808950573752&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620409&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1417078182161683&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620409&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1213417872897242&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620410&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2740767399393350&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620411&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9038410082867569&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620411&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507317848148093&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620412&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 15ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=886845122549418&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620413&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 15ms
12ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851723189461274&ev=PageView&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620413&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688812618161.1291072041&cs_est=true&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 15ms
12ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1283798162486649&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620414&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
16ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1537353300119728&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620414&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
17ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897808950573752&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620415&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
17ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1417078182161683&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620415&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
17ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1213417872897242&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620416&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2740767399393350&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620416&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9038410082867569&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620417&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507317848148093&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620417&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=886845122549418&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620418&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 114ms
112ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851723189461274&ev=ViewContent&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620419&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1283798162486649&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812620420&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: creditosaibamais.com
URL: https://creditosaibamais.com/e-bolsa-familia-150/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.1/ 20 KB
7 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 16:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6586
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 16:42:08 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.3.1/ 35 KB
11 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-analytics.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 19:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10746
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 19:24:06 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.3.1/ 173 KB
173 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-auth.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:25:30 GMT
x-content-type-options: nosniff
age: 580290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177065
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 17:25:30 GMT

GET
H2 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/8.3.1/ 320 KB
89 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-firestore.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90517
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 18:32:31 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.1/ 40 KB
11 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-messaging.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10884
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:56 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 15:33:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 75ms
75ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5693d43dda7b024fa6274df87c264ae8ba438417c4d8a147a815abc2d7efc2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:37:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11974
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB7E 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4012292601039&version=m202301230201&ct=76&x=1&cor=1908657309137392400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:37:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 10:37:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D580 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:33:05 GMT
expires: Sun, 07 Jul 2024 10:33:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B954 783 B
535 B 25ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab0cf2da17dca743817dfd63fbd27159264e7a023b616ba756faf37ff3db3f1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S8qC0-LEk39cuxpHJJc-Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://creditosaibamais.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-S8qC0-LEk39cuxpHJJc-Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 10:37:00 GMT
expires: Sat, 08 Jul 2023 10:37:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame D580 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 10:33:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B954 0
0 47ms
46ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=2755011246747470&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D580 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H27H6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:37:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 94ms
93ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRbtT,pingTime:1,time:2099,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,1~100%5D,as:%5B1093~300.250%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:98,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:19,sis:176%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:37:01 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 116ms
115ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRbtT,pingTime:1,time:2099,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,1~100%5D,as:%5B1093~300.250%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:98,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:19,sis:176%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:37:01 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EB7E 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4282:9ade:a558:9541:9e8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=a250891c-19c3-4e49-f9ee-a48adc587b06&tv=%7Bc:hLRbtU,pingTime:1,time:2100,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,1~100%5D,as:%5B1093~300.250%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:98,fm:tJpHDVs+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C17*.1450266-71191499%7C171%7C172%7C1731%7C174%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:19,sis:176,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9ade:a558:9541:9e8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:37:01 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=2755011246747470&bg=!uLulu-_NAAb90kgr3dI7ADkAdvg8WrxebxSPyV2yGb66TeioDmk56Ed5SNS_owpPcL5UfxsNx1rmQAtTzba9WjOIPaxMET-UoqUCAAAAUFIAAAAHaAEHCgDcwnsY-7CnADROaEydMijo9hn08oJt-mj7q9ARmba7P6iujhwB7Xg0v7OeeIgL-vzOwXPKV7DkUlx8ThexO7kRgZwplo4P6ELk4AevtVfvsH3z7PvsiMFmbTqfh9ewJit8MCJR3p7RgkehRE6AxajbetkM13vhNLfRwJSYwofax8o5blzZJasEGDuH6-Nnx7B7DGk6YbNfWSWDQzeuZVkKkizsQHLzPdooIwpu-uQd1p7WFyi8-FraWfEjPON6YgKQba8yi7D3xpezFpYCwAfKwDhRxI6bt3sdQi8JC5kCrbb9afvMCdb6MyhqW-pVtMSycJSjniGKXavcAAv8xf2kQY5UwlACyguPu0lCe2UqxzLw0KGYGhiH53JmdN_bsjK3m9aoENnONPhF227ie52TLdDMMiBjdRaipdXkBGgJ88kEI97jJpsQvnX4AW_UOAIMQN5EIngOpks6yfkFi2sMDPvNLbhRORrqZz918Fg5MUzoXvDTlodu1cKwRc-lSdlQnk08DzIL-yYtBBz8Pwq05sUbIK7sB3Mp3QghNZQQP6n7bPPe_7vGMf04c1qfp8dsfixq-LWD2HU2Tb2NRTqWecEWSBHSnrLhwvIgzx6rbSHfHY6NGy0OHyBEdTje1Oegb8kHw7OtK-UHfX61vWRKiFa1lEzTBu6ZkQBKZSSfeLwbgQ5UBCF6xNlfEmIrSsY_lh58L8LjU3GglhRfWWhbsH4dn3lFcCAZHEVVLuZNK3tVvnTeBZVtrARYSa3nDzgNqgGWe_3mwv_FTypWvhUkQMK2UM6nj7RZoO4ZUSNAW6ndhvmX3HDSqPfVyJgJRsC-zX-FtJJF_EjCwH6uosYoAm5GGtQkJfMoTClT66GZkwXzRCpEME5CVgo_wh7aRJ4XQkHXdDCgsXt-prrHGj-fyz-GF_MTkvTyXD5MSUeFyxGu0IjeKO1K4FfOGJneJc5SSUHRByzKQ41Lj5blXAQYp81L-SRetKugXM7JdeL8zGTvzvjzejHrh0Ex6OhfZhqL_Rvzbul1-y6isX8eKAnmplXnzPS5r_yhXkfprs7Yd4Z48wEXm6PzOIQuhmpTxX-JdlyDFjKfsdfSo732WRgW82XgedT6v70c83wnaWgSwvTP9w1lljATwYhQQ8uNpFk-u01tJ51eLXl3B7IHXucFT65EuAUIUySjGSgXyjmOfRJb245I8m35ZIzEMW0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1537353300119728&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621913&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897808950573752&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621914&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1417078182161683&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621916&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1213417872897242&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621917&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2740767399393350&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621918&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9038410082867569&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621919&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507317848148093&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621920&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=886845122549418&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621921&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851723189461274&ev=Microdata&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&rl=&if=false&ts=1688812621923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688812618161.1291072041&it=1688812617900&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Jul 2023 10:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 script-push.js Show response
script.joinads.me/ 1 KB
1 KB 16ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/script-push.js
Requested by: Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:37:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76806
cf-polished: origSize=1468
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Apr 2021 12:59:37 GMT
server: cloudflare
etag: W/"6065c3b9-5bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLREtGYMIG2cFoMDp%2BMCUC7XCjAR27Rwja8qHTCo2fldO0lc7GZjbr%2ByfKhWtuCtocuuxzPbtevueOgaCCMgOfTAuU4v%2FmIi6r7KEn0h2Gni14fAmHaEDWzFpINR0EaqlJ7c3oC1gYOlvgwRIZioyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e37b08aeaf29bce-FRA
expires: Mon, 01 Jul 2024 13:16:56 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 30ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3J8W9ZHFES&gtm=45je3750&_p=1455176921&cid=311711695.1688812618&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1688812618&sct=1&seg=0&dl=https%3A%2F%2Fcreditosaibamais.com%2Fe-bolsa-familia-150%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_969&dt=e-bolsa-familia-150%20%E2%80%93%20Saiba%20Mais&en=scroll&epn.percent_scrolled=90&_et=26
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3J8W9ZHFES
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creditosaibamais.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 10:37:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creditosaibamais.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.creditosaibamais.com/	1970-01-20 15:16:28	Name: _gcl_au Value: 1.1.546788245.1688812618
.creditosaibamais.com/	1970-01-20 22:42:52	Name: _ga_3J8W9ZHFES Value: GS1.1.1688812618.1.0.1688812618.0.0.0
.creditosaibamais.com/	1970-01-20 15:16:28	Name: _fbp Value: fb.1.1688812618161.1291072041
.criteo.com/	1970-01-20 22:28:28	Name: uid Value: c49a9bf0-8d49-4c58-a223-a4e921e60b57
.creditosaibamais.com/	1970-01-20 22:42:52	Name: _ga Value: GA1.2.311711695.1688812618
.creditosaibamais.com/	1970-01-20 13:08:19	Name: _gid Value: GA1.2.2141954788.1688812618
prism.app-us1.com/	1970-01-20 13:50:04	Name: prism_800525001 Value: 8b603802-e467-471c-b38a-0f8252f1fd8c
.creditosaibamais.com/	1970-01-20 13:06:52	Name: _gat_gtag_UA_201994943_4 Value: 1
.creditosaibamais.com/	1970-01-20 13:50:04	Name: prism_800525001 Value: 8b603802-e467-471c-b38a-0f8252f1fd8c
.openx.net/	1970-01-20 21:52:28	Name: i Value: b74a5541-ba10-4026-9901-67cc5cf6009f\|1688812618
.creditosaibamais.com/	1970-01-20 22:28:28	Name: cto_bundle Value: wdzRvF9MJTJCTWl1eE80S2o2SlF3cXBqNWVpc25LSGR3eEVCNHlsYzBtRXU2WXUxUlJPb2dzayUyRllnNXN0QzZBUlFXVEJQRHNtOVRzVUw1T0Y0ZWNEMU5VNGRWWjdnVWJoVzZEM1NESXJTYkswVWdoSURXWmV6RmV5cjFQakhrZkNrTSUyQmVoZkh3dVpjUjVnajA1NGNLcXQ3YzNaaWt3SUNUWFFuR0tLTFpUa28yc2xKYm8lM0Q
.simpli.fi/	1970-01-20 21:53:55	Name: suid Value: 59562F31D6AE485F88BC48C0AC0B71A0
.adform.net/	1970-01-20 13:51:31	Name: C Value: 1
.yahoo.com/	1970-01-20 21:52:50	Name: A3 Value: d=AQABBEo8qWQCEPqi_myHXcBQVuwYZZIZm6QFEgEBAQGNqmSzZAAAAAAA_eMAAA&S=AQAAArXoamzyxhgMWGfIoqUrEZ0
.adform.net/	1970-01-20 14:33:16	Name: uid Value: 9134624842865552166
.casalemedia.com/	1970-01-20 21:52:28	Name: CMID Value: ZKk8SsACxoED4bg.EufmyQAA
.casalemedia.com/	1970-01-20 15:16:28	Name: CMPS Value: 2240
.casalemedia.com/	1970-01-20 15:16:28	Name: CMPRO Value: 2240
.adnxs.com/	1970-01-20 15:16:28	Name: uuid2 Value: 6022508557618928479
.adnxs.com/	1970-01-20 15:16:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''o5p7c!]tbPl1M>e)ZlrFUfJ+tGXxoDQ23+.Ad7:CVC@'wN[r17>R!4N_KBbL==zpX3If)y3KL9D3I?+UqTD(6
.doubleclick.net/	1970-01-20 17:26:04	Name: APC Value: Aa3gxNqmWcjkKHGYumIhK9Bm30qVwjTWkyZbXoJtwpYYw-uTvmmYLw
.quantserve.com/	1970-01-20 15:16:28	Name: d Value: EAQBCQG1KYEA
.quantserve.com/	1970-01-20 22:37:07	Name: mc Value: 64a93c4b-134c3-c752c-da69b
.lijit.com/	1970-01-20 21:52:28	Name: ljt_reader Value: G8h8vGZHEW6OMcotQJ2a5key
.360yield.com/	1970-01-20 15:16:28	Name: tuuid Value: fd915491-acce-40a9-8c56-275be464ec80
.360yield.com/	1970-01-20 15:16:28	Name: tuuid_lu Value: 1688812619
.bidswitch.net/	1970-01-20 21:52:28	Name: c Value: 1688812619
.bidswitch.net/	1970-01-20 21:52:28	Name: tuuid_lu Value: 1688812619
.bidswitch.net/	1970-01-20 21:52:28	Name: tuuid Value: 4889d8b0-8ac2-429a-a776-180de8d586df
.bidswitch.net/	1970-01-20 13:06:52	Name: google_push Value: AaAOQGGPADRbTA0MATpW7kGRXJaZHWgpnFnEjgopednIW8rWWniQznLBHRcSCLJFPkczhdRMlGK2IFUue3kVpiUvu-AP-biGwx19
.doubleclick.net/	1970-01-20 22:28:28	Name: IDE Value: AHWqTUmm82LEL3X6IVVOJQWoWL-s4pP2y8YaOl0RFytcJB4YMyzVSKdkV-FgAX0OFTo
.quantserve.com/	1970-01-20 15:16:28	Name: sp Value: CgsI2WUSBgjL-KSlBg==
.creditosaibamais.com/	1970-01-20 22:28:28	Name: __gads Value: ID=8e7f66ebe76c1a37:T=1688812618:RT=1688812618:S=ALNI_MYI5wizq4yCbuZF3S-80Qz0Qn4UVA
.creditosaibamais.com/	1970-01-20 22:28:28	Name: __gpi Value: UID=00000c38a591a0ab:T=1688812618:RT=1688812618:S=ALNI_MYBvAuJcOEeD23crWnQtiGEVuNKCw
.3lift.com/	1970-01-20 15:16:28	Name: tluid Value: 2852022198081653669390
.tribalfusion.com/	1970-01-20 15:16:28	Name: ANON_ID Value: aQnsIHo0P8fCmTN83vUGN8GnJknJnbxwATSbjZds9w1VhBg14PL2ZcPHlhxdAUrxhbb2j7E13siCJvv5Ibvapil2L4

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kp8318hb48crzc7e5wb66r1d5bgnbc8svgtaw2k9k8g2c397b3byyn2mgs3v9b86pmwhw9fy0zw8ndp8ys7rh6m8txm1wgkp7sdg3fe3vtj1209a0x66fk6jd19nez0mg7awfbp67a6960wp22y55daa9krznvzgvcmschd1r4k2c7vggy9xyjmptf8wp0xrx8qys46rjapd5k79pxhkmmb8gh4b2h4dpezk0b17y9y51vebazz01yn8dtffb6tp55bhpaj44x2j714ktt7xdndhrdhmwym9tcjxw1xk2737vbnptt5h5rdz10w9m4j94em0jm7r04wyfjgsjbvp793k1r2w84b11vmf9ccnygvdpkh83qsth3wdf08784tjetaaxkbgna4p07rpjp21bqcn6562ttp9tfj58w1j7gfqywpmr7k3bxcjs2whkpxsvnjedrsn8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%26client%3Dca-pub-8927435346654667%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=df1e53697bb333bdf7a0da348a79bf71%2F10321389312676332452&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688812619319&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%2526client%253Dca-pub-8927435346654667%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgwh6xw9bzy96sc30y2np6pjb6tj59d87h6s7j1272vw00hsqzz4yfbc6saq9tqqxabdrxpkpnnbzwq174ncjpsf4pxe90xcw38tnan5xxe0cxm886kwv2k30agapj8repsz3xrwk8n3a8dcv8vbctepy8yx68gs9pvek0pkpwctd1204pbqfwkaem041anbx32058vx2asrcv9q2fkpesdg36bk5z99zzebps1x31t166k8az8v3fqk6h32seg3fwvy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxaf5zdpa9pa771703v5h23y9xft949cdtgjvcmk8w68hmg88hjpk6ynf1cvtk4kw4jtj9sx03yp0shnha7bn99abbw5hw7cn21ca19mgdz3v6qwcgbvxc5nr2kd67q8kswj53aq0dyedfphckkhwmpgg43wpcz9sx096yjyr1ycqpkg02v7yff6x56gac8r8xe2ykbgfc6tas5ree28ywczphcn7d5a725ancdq5cxd6a7242ehf4b8pga9z07k5dmt72153f3pjgbq3md4ehy2c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuKgJSjypZOizKIywx_AP3NmM4AKQ4YGEXLaoworwAsCNtwEQASAAYJXStYLEB4IBF2NhLXB1Yi04OTI3NDM1MzQ2NjU0NjY3yAEJqQK2a89MbWayPuACAKgDAcgDAqoE1wJP0E7fRmTU9UCk_hxnN5pDRz58EaTzwuFxRNbSWriTyJT9oSBLf-cMuBNdW0PjaeTfn_KJYJ8WaCbjmFLFy318qzqSQGk0Os36lKBUw_qSISpQjYW8OPEXx8JrQBqV9NnCkf6bb8FHEnEdms5q3bNOFs3osVKZjnNwRThx7PFmcBocVsE0Bgp2BvJ0TcADy3v6l_gJQNtn9hgteZESCJ2yATdeaTAASpKSnQIaRWr52cPDF6HeRj7V7rEbBHuBD2vxYhFMP1nrIsH2bse3kGla-VXJZEQGTP-a6MjNh3XYYpGdeAdRPxS727L91iYv6qQppnSTS7UNLBTz-vqWWJPiUZL_F5GN1SwhlByBuowu2GlBH6JguC7kd5swNLHS6m-bKgNd8335nQkFa8FMzvWlksRhb0TdH1Fvmi98UFLIsn0vRLtvRMWNj3ewZdYlrnJMplYN3fnZ4AQBgAaxwonZoOnVy5ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0guVXfrokAHVnEYaU8CJXQ5bsPdA%252526client%25253Dca-pub-8927435346654667%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6af2d74051c9b32b80ba1c16bad32b20.safeframe.googlesyndication.com
a.tribalfusion.com
ad4m.at
adservice.google.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creditosaibamais.com
diffuser-cdn.app-us1.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.360yield.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
prism.app-us1.com
prod-rtb.ad4mat.net
receitasninja.lt.acemlna.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.joinads.me
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
trackcmp.net
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.42.188.208
142.250.185.194
142.250.186.66
162.19.138.116
172.217.16.194
178.250.7.13
185.80.39.216
185.86.138.154
2001:4860:4802:32::36
216.52.2.39
2600:1901:0:76b9::
2600:1f18:1aca:4282:9ade:a558:9541:9e8
2600:9000:2250:e00:a:e047:753:be1
2600:9000:238d:ae00:8:48e:53c0:93a1
2600:9000:25e8:2400:1b:5138:8a40:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:ad1
2606:4700:3032::ac43:d552
2606:4700:4400::6812:2a69
2606:4700::6811:915b
2606:4700::6811:925b
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9b
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:d29:3602:6e4d:34d1:c2b7:b436
2a06:98c1:3120::3
3.123.134.248
3.225.185.243
3.71.149.231
34.102.146.192
34.120.135.53
34.248.166.228
34.98.64.218
35.186.253.211
35.204.158.49
37.157.3.29
37.252.171.22
51.89.9.254
54.76.252.247
76.223.111.18
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
022c3888c39a6cef1ce046f314786b799f35f8104f7d277f8e5f5752f1cad3e9
0231a170cb5204055696f44f744eec121d834462c11476f479ff523fe59d294c
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
040d7ede7bb6e88d81c1a97598b88795be77ce061fa9bbc3829bc1c4f50aadea
0716cb152b52548160be492580053b821b1d1a07b488cfcb667763642a892c48
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a
0b5f517cbb796d499b49a4d5a1e93212d72a1e73e2690c365074b90b1ac9c169
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc5bb8602d145911a5b5b784bf2338c30a3a137b8f6a2c2fb73761afcac0b15
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
117fea0ee3b56808ae9733aa6388ce7b52cb360203fd7c9356a4588d55b52857
1188460bd909dd436072c59c51e4599eda9e98d99eae9b554f49b38f37e9d7ed
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
1509a76ee52712d4cfd3621e11e65c1d10e7b7e59e336d90e8f63b6d5e52d363
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1b6563597d0488e5598a8c453d90ef95fec609b58042032afe13520103bc0397
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1cae92b6720ec25a723beb4aacb4f5a13eef11dca7103dd8e9579fe0b410280c
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2154bfe53419238a4ef30dba073050b0470213c39efc8b401e47b48a922efd1d
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
288624bba893e4d8b459ed92ec649c4dff0062897be453cae754c799b513b1ba
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
30b375f98eb05c2d1eff2490f6dcad5886bc1a383d592549cfd0359d41f7a6d6
314c8488d5c017bbc1ee3c27664e4df9da52854a12b815d8b775bbde6f33bd09
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3199c60c8b2fce672c86cc24ba032d20cd2d43763ee33e5c4c281c99dbda31ae
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b47c4996ccab3caa2140b473cbdaa5b98b9ea58c1936d51e6b565b0f57730ff
3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218
3f1b1c4a26937289f49e2b3e7e2999156a900758dbe78f41d6c72f45d859ed2c
3f5eb651e087476c3214a5fbb8b77346f7f0dff068c3d961c6070424746fb9db
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
45560b2075c130b29313a3690169de8ad3d8fc12d60387af995c955377173ad0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46baa2a6f37fa5c72a78c3f0db33d5a626985b4f9ce5fb1d5ba9bd8360c1b307
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517b5b29ec6d14cf27d10e562ca677177233a78b5213a7d0e304d31580004491
51c358915e20690e52764d3ff8c3e41215e302fb12768326ab21df4a7de04488
51f36864e3fb5b3479d50de93d44403cee100c743cb5c97a1da0b924ca671a86
522c43bbc287d20af13db368987d801fea4e19573f2e9fd78edd993931ea2dad
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5565d96a4b66a49049a7fca5dfc8d26ebe0336778006052124283abb0347be8c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5693d43dda7b024fa6274df87c264ae8ba438417c4d8a147a815abc2d7efc2bf
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67279c322cc6b5c37ab83ad7b7a201507f5be3df340fec03f97f80feb793a4c5
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6306a06ed45ba39a8aea03d2cfb48cd34e56ba39ef02e5ac038cec237081e3
6e977f280003be0fc14811cb5239a7f2abb315843431cfe0716a7c1ceb1037f1
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76bc0515b8cbe534a349d706c29670a6905c795dc72771758572f6ba2cee3d89
7907969db6f10b2ab2b6332acab2a947664619ae9cdcd526ffd817c329eced68
7a9cf10205d9af79b873f6199a2a50c7ff8375b8d4613b8570d27f206163dacf
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f953399a813f6fba620287c04c112ec8eaaf135a8a21e9577e324cde88085a9
816780f95a5d7b269715932751e66a55ae636369cf239dc448f6a4756df06c1f
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
905818c5ad86a8e5eda295d9f8479b3939d5bb71ef1fc5ecb6ba5bfa401fa9fe
922dbf28ecc4bd7341bb01fb1f64c367b6cbd4a96db57935b39b3dbe35cce6cf
939d7a7d1e3d9ba01e872498508970299f9fb72c6f997b5cb108cf143801fab9
9603078d83691c1cc2badd9655952460d4fcd62d78966655a00ad9eecb3eb016
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99c7c09885b47e4b8a468e181a901ccf21506733c228d34b8165a207c272cd
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9f66cf2042fc283bc05b96d871ec742da1c1198a13eb0cad4053b34c9ff844b0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffbb95ffe440cba7a6b1aa64cca77df7cb0d28ad5fcbff506ca92bb72ab1076
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ae5ff9dd11b29accfa98dc487601463702ba29e4a1fb50ac887cf3a27b7d1c
a1b21977d78f485efce7f453413e6e8f1d6a1360f766cfdaf58d332cff255363
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a999236984a85c2102bf13a15fee046cdde60128fefbd6ad4773c80c93167420
ab0cf2da17dca743817dfd63fbd27159264e7a023b616ba756faf37ff3db3f1d
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af56f9a97ba9853d88e0dc672d67e32e3ff2f829df312625ef64a878f8632cf2
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afc24dfed8f3f2749e5cbe4a86053b55e5c063c23ea09ddf40544a0bfe03ae0c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2
bb886e724b7045c177503cc02fe83cc95f1c5f611d7a49423125668d96bed22a
bf04e01d59215c6d69975c3d43a39f64c838fb9e4ca29ad80b5fd647da48970e
c06f3e2d11ae8d13ec4972e9735e56c690bfd2ebd0ab3dddc7e139823aa68a22
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2a414dafb5f5d16ce04fe5618c86bf9485acadc4a215885716169fe972e3bfa
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c34d19139fa9065fdb1b2cc41071fa394aabb44dbd59b6e4f0b7b34ca37bf2bf
c3b96f7c909bf426eb41e8d63b19ee5da9288e3c3e9d4fc6197c900a524ad425
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c478a21227c8c63ed9b7ecb07c06e3a99cb6e4a253aeed7687fe43d5b0aa13d6
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c6ea3b67b8bc4dd15db55c0ec71ea8a32ceafbdd9f48386b056c2463f9d657bb
c85a8aa65067d5e66e262e065206b90b5477f00c755cb6305e620a55359dcfc5
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb5b0948893ab59c70aa1a32e7528de652ad93c43859015a990ef2c334d8d6cc
cca1d217dfa402be35f14c0581cd97def322243e07376827927fa45e4eb02173
d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b
dbbc97570be1828460e926ceb5c92efa65afcc9928a71079551890266e3d12de
dbcfe1a30f2e7674e4be6375ba53ca870f68ddddcb19eeec1332b4ab813cb9c5
dcd65701429a1b8345f23ca44dec6bbd65db04667a710190513836051def6a4b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd33afcbd1e6821616e4b921242b16d53e7cd2b1142023f86d4b20393b5a3716
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0210f03466483eef832f6ff05d426e43285384acd7e2ae417f53000483f02e7
e084993b5a8ae1d192666212bd712b26a868e2c3801c0693d4538071b9cd8b05
e20290b3ecfb4d7a3aa73f0e694e2e33353ac8107db65aeeee33366c140f7e91
e306bc9c7c10b7268044485b23831b9c5d254e4be577394c9917e8cb575896d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4
e494faa2368bc0fadfedc1197aca7b4f6d3755ce61d812b789bd5ffb333a2b23
e4ec339f2909bc40e2697423a7f7c387e231362bf91151ff8311a206e490b35d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
e9d96de6ba659a2d25e1f09582373ba81250a2fbe672ec5e583568a031a08e98
ed57e4e386f0ea1868d9d4109261a8ec197f5b9ab81b8227bf3142c7f64a643a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f756280b2feedc9c65e4c40f98ca7f289be6b5efaf9d392584d977e08752269f
fb37cf0f1083294c34e3abfff9d50228f7706755e756cfe29972d5acbf085bb4
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fef724d37a188f24ad7c5992d8a1360f011fb2a460567f290079c6c4949c78ae

creditosaibamais.com Open in urlscan Pro 2606:4700:3032::ac43:d552 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

271 Requests

91 %HTTPS

62 %IPv6

44 Domains

66 Subdomains

53 IPs

9 Countries

4389 kBTransfer

12076 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

creditosaibamais.com Open in urlscan Pro
2606:4700:3032::ac43:d552 Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

91 %
HTTPS

62 %
IPv6

44
Domains

66
Subdomains

53
IPs

9
Countries

4389 kB
Transfer

12076 kB
Size

36
Cookies

271 HTTP transactions
1 data transactions