urlscan.io logo urlscan.io
SecurityTrails logo

seufinanciamento.99carsforsale.com Open in urlscan Pro
2606:4700:3033::ac43:bbba  Public Scan

Go To Rescan Add Verdict Report
URL: https://seufinanciamento.99carsforsale.com/
Submission: On December 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 4 countries across 33 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3033::ac43:bbba, located in United States and belongs to CLOUDFLARENET, US. The main domain is seufinanciamento.99carsforsale.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 5th 2023. Valid for: a year.
This is the only time seufinanciamento.99carsforsale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
16 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 46.105.202.39 16276 (OVH)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 192.99.47.17 16276 (OVH)
13 2607:f8b0:400... 15169 (GOOGLE)
2 8 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.128.46 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 174.129.88.64 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
3 34.98.64.218 396982 (GOOGLE-CL...)
15 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2 52.46.143.56 16509 (AMAZON-02)
3 3 3.33.220.150 16509 (AMAZON-02)
3 17 142.251.163.154 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
11 23.220.112.22 16625 (AKAMAI-AS)
6 23.222.200.28 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 23.46.150.66 20940 (AKAMAI-ASN1)
5 184.24.36.23 16625 (AKAMAI-AS)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 35.168.129.45 14618 (AMAZON-AES)
2 3 51.222.39.186 16276 (OVH)
1 1 35.208.249.213 19527 (GOOGLE-2)
2 2 68.67.160.76 29990 (ASN-APPNEX)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.160.55.127 15169 (GOOGLE)
1 23.222.4.155 20940 (AKAMAI-ASN1)
1 2600:1f1c:a99... 16509 (AMAZON-02)
1 1 35.190.0.66 ()
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 50.31.142.31 23352 (SERVERCEN...)
1 1 23.222.12.17 20940 (AKAMAI-ASN1)
145 39
3    2606:4700:3033::ac43:bbba (United States)

ASN13335 (CLOUDFLARENET, US)
seufinanciamento.99carsforsale.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
3    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4004:c09::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.99.47.17 (Canada)

ASN16276 (OVH, FR)
PTR: us4.heatmap.it
us4.heatmap.it
13    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
8    2607:f8b0:4004:c1d::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    174.129.88.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-88-64.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
15    2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:1f18:4e9:5a02:d4c8:9f2:5a1a:543f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
17    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
cm.g.doubleclick.net
10    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
11    23.220.112.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-112-22.deploy.static.akamaitechnologies.com
contextual.media.net
6    23.222.200.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-200-28.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    23.46.150.66 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-150-66.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
5    184.24.36.23 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-36-23.deploy.static.akamaitechnologies.com
hblg.media.net
cs.media.net
2    2606:ae80:1451:18::1690 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2600:1f18:612b:4280:bda1:9df6:36cc:93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
2    35.168.129.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-129-45.compute-1.amazonaws.com
match.360yield.com
3    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
2    68.67.160.76 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    2607:f8b0:4001:c10::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    34.160.55.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.55.160.34.bc.googleusercontent.com
akl-navvy.media.net
1    23.222.4.155 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-4-155.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    2600:1f1c:a99:832c:2412:5a3c:977a:e751 (San Jose, United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.190.0.66 (None, )

ASN- ()
ads.travelaudience.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    50.31.142.31 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    23.222.12.17 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-12-17.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
Apex Domain
Subdomains		 Transfer
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
256 KB
27 googlesyndication.com
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
122 KB
23 media.net
contextual.media.net — Cisco Umbrella Rank: 665
warp.media.net — Cisco Umbrella Rank: 2561
lg3.media.net — Cisco Umbrella Rank: 6606
hblg.media.net — Cisco Umbrella Rank: 2037
cs.media.net — Cisco Umbrella Rank: 1381
akl-navvy.media.net — Cisco Umbrella Rank: 47350
299 KB
23 google.com
analytics.google.com — Cisco Umbrella Rank: 152
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
73 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
207 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
2 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
50 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
976 B
3 akamaihd.net
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 23105
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1939
85 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
1 KB
3 heatmap.it
u.heatmap.it — Cisco Umbrella Rank: 38501
us4.heatmap.it — Cisco Umbrella Rank: 82396
11 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
233 KB
3 99carsforsale.com
seufinanciamento.99carsforsale.com
34 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 478
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 1765
814 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
888 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
2 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2266
1 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
684 B
1 travelaudience.com
ads.travelaudience.com
553 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 mediago.io
gtrace.mediago.io
467 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 13423
636 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
602 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
1 KB
145 33
Domain Requested by
17 cm.g.doubleclick.net 3 redirects google-bidout-d.openx.net
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
seufinanciamento.99carsforsale.com
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
11 contextual.media.net seufinanciamento.99carsforsale.com
contextual.media.net
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
www.googletagservices.com
9 securepubads.g.doubleclick.net seufinanciamento.99carsforsale.com
securepubads.g.doubleclick.net
8 www.google.com 2 redirects seufinanciamento.99carsforsale.com
tpc.googlesyndication.com
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
4 hblg.media.net 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
seufinanciamento.99carsforsale.com
4 lg3.media.net 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
contextual.media.net
4 fonts.googleapis.com seufinanciamento.99carsforsale.com
securepubads.g.doubleclick.net
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
3 onetag-sys.com 2 redirects 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
3 match.adsrvr.org 3 redirects
3 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 googleads.g.doubleclick.net www.googletagmanager.com
seufinanciamento.99carsforsale.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com seufinanciamento.99carsforsale.com
www.googletagmanager.com
3 seufinanciamento.99carsforsale.com seufinanciamento.99carsforsale.com
2 b1sync.zemanta.com 2 redirects
2 secure.adnxs.com 2 redirects
2 match.360yield.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 pxlclnmdecom-a.akamaihd.net contextual.media.net
2 www.googletagservices.com seufinanciamento.99carsforsale.com
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
2 warp.media.net seufinanciamento.99carsforsale.com
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
2 us-u.openx.net google-bidout-d.openx.net
2 s.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
2 oajs.openx.net 1 redirects
2 analytics.google.com www.googletagmanager.com
2 u.heatmap.it seufinanciamento.99carsforsale.com
u.heatmap.it
1 analytics.pangle-ads.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 cms.quantserve.com 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net seufinanciamento.99carsforsale.com
1 akl-navvy.media.net contextual.media.net
1 csi.gstatic.com pagead2.googlesyndication.com
1 cs.media.net contextual.media.net
1 gtrace.mediago.io 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 dis.criteo.com 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 us4.heatmap.it seufinanciamento.99carsforsale.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdnjs.cloudflare.com seufinanciamento.99carsforsale.com
145 51

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2023-06-04 -
2024-06-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://seufinanciamento.99carsforsale.com/
Frame ID: F050124FE7C35DFD764B47010D88164C
Requests: 49 HTTP requests in this frame

Frame: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72BB668C962373D9A46C5183CF72B76A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 03BD2B4C013123E16095F923C83B62B5
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CFC94F74836857DE668F83ED0FAB8A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA5F21666EF160E33C28D395C10B41B6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 2540E79068CF2A45C414F9DD01D2E39C
Requests: 10 HTTP requests in this frame

Frame: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7414EADDF40B7E054850E12C73D541E5
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: 33D56F58A37FB67637A920A1511C95E7
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3195&&kkdd=*u%7Cu%7CnH9*A3&87=RHXbzzeeH.eAXX.be.4&VImZ=X&Scmp=X&-I8=RR4X&Uc-W=04AH&-7I=eDOH!HHRY&-m-I=!-LVty1hNPY1ERNN5ZZP-f%3D%3D&-Z7I=HH4.eHARA&c7vW=RXbAyH.e&--=Oq&c-=g0&-2sS=cSSNS7VZpU7tsNUWcU&m7I=ei_*Al)H(&Um7I=9PzA.qQ&2UUmc=R&ZZZ=Uv*520-J505HYIa3fAqPNxP-*lBX)t35!02)tItaDh4FnPt-_FSDA6mZ9X(Of.!l&dfZx=2UUmc%3A%2F%2FcWhx7sps-7pSWsUtuQQ-pZcxtZcpJWu-tS&WdfZx=fHHY!%3Aqq!PydevRv(eRkPvHSu77(R0!dS0!RaPu(Sk&scW=z&Jf=R&hVI=A&pIUR=eDOOQPMer&pIUb=RR.bRRXQR&nIpUp=cIb%3DshJJj7hZJNJ%3DRXjtVWZmS%3Dbub.jItSNn%3DXuz4jc-I%3DsEjZpW%3DX%2CXjItSNJ%3DbXj8JbZNcI%3DbXb4RbRAX4j7hZJNn%3DH4zuAzjhZJNUd-%3DXjhZJNZbpNn%3DXjcUI%3DbQz.RAQHbHjSsNnW2NnttcU%3DXuQjZpU%3DXuXXX%2CXj7m%3DRQPA9ipnmDda7R8DgnOzvbjxnn%3DRzjn2N7S%3D4ejZ77mhp%3DzH%2CzHjZ-%3DRjZ7ch7I%3DX%2CXjZmcNcI%3DbXb4RbRAX.jZpI8%3DXuXXX%2CXjhZJNn%3DRu4.j8JbZNhZJNn%3DXjcSSNfZ%3D44ueQAejhZJNJ%3DRXjcJ8%3Db4u.bjV-pU%3D5RXjnn%3DRQ.jcSSNShJ%3DXu.jWZmS%3Dbub.j8JbZNhZJNd-%3DXYXjmc7N-%3De%2C4%2CX%2CX%2CX%2CX%2CX%2CXjnS%3DRjmc7NI%3DAQQbjZdW%3DX%2CXjp4mNn%3DR44uQ%2CeAuX4jcI%3DRjh7I%3Dbgp6JxDY0s2_OfP7FEj-8JbZNn%3DRAbueQjnUI%3Dbb4QeR44.AQ4A4XRXeXe..eAA.44HbX4bzeQRRbbz.RQ4H.R.XebXAb..QzQeX.Qeeeb4XAzRAzAA.bHHQQ44XAA.HR.z4RQR.Rez.Xjh7S%3DXjZdU%3DXuXXX%2CXjtVIbmNn%3DXuQejcc%3D(Tj--%3DOqjdnNIJ%3DmUjh7f%3D5Rj-W%3DXjZ-8%3DARuHRjDg%3D4X.RjdnNh-%3DRjsUc%3DRHjdnNhJ%3DmUjdnN--dc%3DXj-U%3DnhxxpJtjnccNB9)%3D(T%2C(Tjnpc7cb%3DRQ.jnpc7cR%3DRQ.jdnNUU%3DXjn2NcI%3DbXb4RbRAXRjI-%3Dej8JbZNn%3DR44uQjUU%3DAQQRj8fNWy-%3DXuQAjcSSNn7I%3DRu4.j87cNcI%3D44QjhZJNZmcNn%3DRAuRRjn2N-t%3DXjctna%3DbXAuzbjI-b%3DRj8Npcs%3DbXbHej3i%3DuCcpJWuCjJpcU%3Dj-8tV%3DRAbueQj87cNhZJNn%3DXuzj8JbZN7NcI%3DbXb4RbR4b4j87cNhZJNJ%3DXjWU%3D4bj8JbZN7Nn%3DXuAzj87cNn%3DbXRu4j8JbZNhZJN87%3DRY5R.jhZJNU87%3DXj88%3DXj-8JbZNcI%3D44QjZx8%3DARuHRjJbZNn%3DRXXXjfZNn%3DRbQ%2CXjcSSNcI%3DbXb4RbRAXRjZpIm%3DXuXXX%2CXjc7I%3DHH4.eHARAjhZJNZmcNd-%3DXjdnNcZ-%3Ddnnj8fh%3DXuQAjIbmNJ%3DRXj-8Jb%3DRAbueQj4m-x%3DQQQuQbjtVNSc2%3DRu4HjISSNcUZV%3DcSSNS7VZpU7tsNUWcUjIbmNn%3DXuQQjZmcNn%3DeAuX4jhZJNcZmcNn%3DRAuRjZdfm%3DXuXXX%2CXj3ib%3DuCcpJWuCjZdfI%3DXuXXX%2CXj7c*Wx%3DXjiM%3DXj7c7x%3DXjhZJNZm-Nn%3DXjn7I%3DRu4.jdnNmU%3DTZU7-JWjhZJNZmcNZ8%3DXj-nIm%3DRu4.XjcI%3DRj7UEmWN7I%3DRHjcWJJWZNUpVN7I%3DbQz.RAQHbHjchmmJENUpVN7I%3DjIWUW-UWINUpVN7I%3Dj87Wfpn7J7UE%3DXuQAjmtc%3DRjp-NUEmW%3DRjpInJd%3DbQz.RAQHbHjpSm%3DRjtVn7I%3Dbub.XjnxJZ%3DXuXRXjch7I%3DDTYqY6I7P5TkPovqvknS!QsVHitjIU-%3DWpcUNc-jISSNWZmS%3DxpJcWjISS%3DcSSNS7VZpU7tsNUWcUjnIm-pmI%3DXjIpJV%3DcSSj7scJ%3DRjctnm%3Djy7I%3DTwo5mhn5bQ.H.4z.Ae..QQHRj2USJ%3DRjcSSNpm7%3D8Rj7n-%3DRjscv%3DRHjUVc%3DbzXybzX%7C4XXybzX%7C4XXy.XX%7C4XXyRXzX%7C4bXyAXX%7C4bXyAeX%7C44.ybeX%7CARAyH4.%7CAeXy4bX%7CzeXyAXX%7CH4.yARA%7CHzXybXX%7CHzXy4XX%7CH.eyRXbA%7CQ4XyReX%7CQHXybzX%7CRXbAyH.ejncn%3DXjncm%3DXjUSy%3Db4.&sU8=X&SSS=.U)5r(hyz7O%3D&7f=X&7sgxZ=R&nIZgI=A.X&n7I=4AQQbR&S-x=H.zQb&EIcmZ=R&npW=1yWVvvp(yA&dpUmZW=R&-pItSp7s=Uv*520-J505rq2(Ab5hhxIsz_o2b7DX(.LI4bEAgq-al_raNdEatvV%3D%3D&EmJm=R&7c7I=z&pI8=gs8WcUtZ%20Mt-hc&ccS-ZN8WZ=z&mV7I=mXRQzzbAHRAzUbXb4RbRAR4XR&ccJI=%7B%22cc7m%22%3A%22b.Xb%3Axx-e%3AXXXb%3AXXXX%3AXXXX%3AXXXX%3AXXXX%3AXXXX%22%2C%22cc--%22%3A%22Oq%22%2C%22ccc-%22%3A%22(k%22%2C%22cc-UE%22%3A%22nhxxpJt%22%7D&2USJcZ-=R&sflct=8451290&U-xN-Sm=R&ure=1
Frame ID: D2B934BDE2F5418367F23FA2221F77B6
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 81E1AAF046060A41342BA25E4F1B7769
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BBA912FEF0C4578F17969DCDEB87A857
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 743839015C3FD4DF02DDF859BCE5CC3F
Requests: 15 HTTP requests in this frame

Frame: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6CAAAA104C1E0BBB2C833FBB6903B18F
Requests: 18 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Frame ID: 9C084815FDFE3357416B2DB9750312A6
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: F06EC34D09B3A5A924FC17F25184C5EC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24D82CEC5140F0A54B079C7698009212
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Como Solicitar o Financiamento de Veículos Santander

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

145
Requests

87 %
HTTPS

46 %
IPv6

33
Domains

51
Subdomains

39
IPs

4
Countries

1546 kB
Transfer

4285 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&rid=esp&cc=1
Request Chain 39
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ba6c704f-d2d1-c85c-3843-d6d0418d1f62 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ba6c704f-d2d1-c85c-3843-d6d0418d1f62&dcc=t
Request Chain 40
  • https://match.adsrvr.org/track/cmf/openx?oxid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e49ecee8-9022-46aa-9731-ff577ddf19c1&ttd_puid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0&gdpr_consent=
Request Chain 42
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPeWTofLopBp7DZ7JNxvvL4&google_cver=1
Request Chain 58
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 76
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_cver=1&google_push=AXcoOmSpo8YN-UgCUk4t_UpDJP2Pqj0pS9wPP3KYnM0kdrEvA7regciRgfeM6oMLs16a4EvfkYjSjqMF2ozlBjuP0rT0MTZVT0y7kQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ce21414153e11fa&is_secure=true&networkId=14000&version=1&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_cver=1&google_push=AXcoOmSpo8YN-UgCUk4t_UpDJP2Pqj0pS9wPP3KYnM0kdrEvA7regciRgfeM6oMLs16a4EvfkYjSjqMF2ozlBjuP0rT0MTZVT0y7kQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LQv3tfWwM06zElAAAAAAA&expiration=1702645277&google_cver=1&is_secure=true&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_push=AXcoOmSpo8YN-UgCUk4t_UpDJP2Pqj0pS9wPP3KYnM0kdrEvA7regciRgfeM6oMLs16a4EvfkYjSjqMF2ozlBjuP0rT0MTZVT0y7kQ
Request Chain 78
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEM5Bc0uMQxj79Z7RYJek3lE&google_cver=1&google_push=AXcoOmROvwqSn621L4qS6LzyiKYxExYZEeETXzA66A2xqn3Xft8J3Kn9gXwSTcjZE8Z4uuTSu_a9XJumjNOxWO5uen-6SGLC9qGraA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTljZDhjZWY0NjAwNGQzMGE4NjZlMDIxNjMxYzVhYzY%3D&UIDF=CAESEM5Bc0uMQxj79Z7RYJek3lE&google_cver=1&google_push=AXcoOmROvwqSn621L4qS6LzyiKYxExYZEeETXzA66A2xqn3Xft8J3Kn9gXwSTcjZE8Z4uuTSu_a9XJumjNOxWO5uen-6SGLC9qGraA
Request Chain 79
  • https://match.360yield.com/match/ebda?google_gid=CAESEIuRLMWqBSkETosnIDtEwL8&google_cver=1&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx-ZWOlOeEpCWb HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIuRLMWqBSkETosnIDtEwL8&google_cver=1&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx-ZWOlOeEpCWb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJVPndSmRxGN52DQUikIZg&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx-ZWOlOeEpCWb
Request Chain 80
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELUfGIKArw0aWhynTQF0RPc&google_cver=1&google_push=AXcoOmSJokjyPc3O0LB3HwDt77WkL3gWP_g0ZT_raeXZhgRb6g5ShlShqsnLAM6q5utphkz97uw2K1qo7s5Jw1JHpQgbbzJxVO2eGM4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJokjyPc3O0LB3HwDt77WkL3gWP_g0ZT_raeXZhgRb6g5ShlShqsnLAM6q5utphkz97uw2K1qo7s5Jw1JHpQgbbzJxVO2eGM4 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 81
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEEQsVdWAdSIu8qqiroQJ4lo&google_cver=1&google_push=AXcoOmQbM7DC19sca5qWCAP0d5NB_d2WQbVwBf75OhYrbyraPbHnEQ6OiCfw9HqHJUBODzfFmIrAmIp839OMRoL486zjZFhZcLhDZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQbM7DC19sca5qWCAP0d5NB_d2WQbVwBf75OhYrbyraPbHnEQ6OiCfw9HqHJUBODzfFmIrAmIp839OMRoL486zjZFhZcLhDZA&google_hm=f5ef61ca70076ecf288nbv00lq57lha2
Request Chain 82
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMQSxY26W63n0zzIlVXLR_Q&google_cver=1&google_push=AXcoOmRxWcMeHMdYwsflcd4YDI0PcxLime-SYcaTkd9HuAcv847jXClPkayFTJ-PaoXLBqDHU9A-e7CaZeLt1FC8T1Loq_RBsF2NNBM HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMQSxY26W63n0zzIlVXLR_Q%26google_cver%3D1%26google_push%3DAXcoOmRxWcMeHMdYwsflcd4YDI0PcxLime-SYcaTkd9HuAcv847jXClPkayFTJ-PaoXLBqDHU9A-e7CaZeLt1FC8T1Loq_RBsF2NNBM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI1ODgzNTQ1NDM1MjA5MjU3Ng%3D%3D&google_gid=CAESEMQSxY26W63n0zzIlVXLR_Q&google_cver=1&google_push=AXcoOmRxWcMeHMdYwsflcd4YDI0PcxLime-SYcaTkd9HuAcv847jXClPkayFTJ-PaoXLBqDHU9A-e7CaZeLt1FC8T1Loq_RBsF2NNBM
Request Chain 84
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ1NTYwNDc2NjYzMzg0MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPK-jXUsMNYhKT1rLY4--aE&google_cver=1
Request Chain 97
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 128
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOU8yjWkg9NX8b2UqvVghlw&google_cver=1&google_push=AXcoOmRmwpiiMkRwqItk-o89NCJSW8nVMGsb3DPCLJ7NafzusEfp0Zt-VBp6Olu-k7XmwDL0cOfXV7RhgkYb-7r0WG233abZ4U6SWS8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTQ5ZWNlZTgtOTAyMi00NmFhLTk3MzEtZmY1NzdkZGYxOWMx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e49ecee8-9022-46aa-9731-ff577ddf19c1
Request Chain 129
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECkvhfF23v3MOsE3W3Abtmk&google_cver=1&google_push=AXcoOmT-oOdDueT2CRsxFcpDiA97f8nLj-IxlaBRnuKjqe4FxI0i7ImqHoYCtNnFNc1nl6Qd0XQWw6nnQTn8iohDvqLen5-kZyS4Cw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZFsifyJaS48-Pq0F5fnPZA&google_push=AXcoOmT-oOdDueT2CRsxFcpDiA97f8nLj-IxlaBRnuKjqe4FxI0i7ImqHoYCtNnFNc1nl6Qd0XQWw6nnQTn8iohDvqLen5-kZyS4Cw
Request Chain 130
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEN4RhjzfXY4xvSxkTraRgCM&google_cver=1&google_push=AXcoOmRxZqkrvxIbMi-AQTOIb8U2A8mYRFo1utLwIozMxk3zx74IHJNTS7zRVPTj_qNt7N0RfMNFHlTev5uZohaCc6rUXLk2O2k4jEFP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864656434753&us_privacy=1---
Request Chain 131
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGlvh2g3pgs09vMpDR8mfpE&google_cver=1&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7avK1m075f2N2gv2N6SRQG HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGlvh2g3pgs09vMpDR8mfpE&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7avK1m075f2N2gv2N6SRQG&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7avK1m075f2N2gv2N6SRQG&google_hm=MHV5UUl1bk9fR1Q1aHZIN2hEYnQ=
Request Chain 132
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGERjlF1bVXvDHLdkFZZLBU&google_cver=1&google_push=AXcoOmRiInN1oJlwA-zG-E_JjFz2xkQof1y-y8FDBEhOxV9yiuDPUe94o9PSegqOLbHfxKpIlml0reBE8WNbXbOr9UNKIey8CcHHd0vs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiInN1oJlwA-zG-E_JjFz2xkQof1y-y8FDBEhOxV9yiuDPUe94o9PSegqOLbHfxKpIlml0reBE8WNbXbOr9UNKIey8CcHHd0vs
Request Chain 133
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESELa40RsLhtHP1AnuuPGkG_w&google_cver=1&google_push=AXcoOmTVfKDIk6SOEyMRMfUYFrSSc6-KsVMDvS-FkiPzNOr-lUHecRPkAXkPnZXwqsrSw4Z6AfdHfrPLFjepjkT1MLk-W9DpEV65Mf1aig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTVfKDIk6SOEyMRMfUYFrSSc6-KsVMDvS-FkiPzNOr-lUHecRPkAXkPnZXwqsrSw4Z6AfdHfrPLFjepjkT1MLk-W9DpEV65Mf1aig

145 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
seufinanciamento.99carsforsale.com/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bbba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.6
Resource Hash
aaf995362435afad90dbf3f8cb9228187564bc2c3d51e0166fca2332bdbedb42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8356a2627e8d4bbb-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:01:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYmAHJTsPiEyg1206CP6sJot1DC0%2BtraxqKrJaQY2hLcj4WIR4FpEPlV%2FlH9Ng8xocQ7Ln%2BCCpWn%2B2BzlkhWDXzcFBs7GzZ0%2BoQWeYfKSn8l11JaMwXCXDjSuxK2wVWthu8b1BjemVdoub6mp7obeSqqm2EeoZDx8uXMUVXm1FcR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.6
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1826660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6fZk9qC9aHdF%2FJLPoMumqRHmo7CiL7M0kvZEn7SGTpqOuYYYKtVAyXNLOF62DY7zXrz11d%2BX%2FtLdHvicjYrN8ocawLMAos6d1L1%2BzZ1OVVTq2Af4FUAoYROnkXUupcG2Cw6HGwAAqSFit6vjWEM0fJy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8356a2650f544bbb-BUF
expires
Tue, 03 Dec 2024 13:01:14 GMT
styles.css
seufinanciamento.99carsforsale.com/templates/15/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://seufinanciamento.99carsforsale.com/templates/15/css/styles.css?v1.2.8
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bbba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e8ce3dda7a27bc17d1d6dafc7a111c05f0be6af3ced4d83f361503763b0c96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 19:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654bde48-fa4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLHTuL2pCi36WF1acNgOCBO73j%2B%2FoFqNvYzHkSva9jeUzE5Fk8c6eXASXyxtCvPNUpdCtheyuOu%2BdVROUJTldQ2JcczO9LWTy9%2Bj3xSz2U%2F2cX17KOdvhhaWYv3gRCYxzz3LMCQTZsjwM2aHx%2BTyKGDvXzLWV1rCOhyQGj8l12Ht"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8356a2649f3e4bbb-BUF
alt-svc
h3=":443"; ma=86400
08e80366de12cebda8f12f9c376516709d02_unnamed%20(1).png
seufinanciamento.99carsforsale.com/midias/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seufinanciamento.99carsforsale.com/midias/08e80366de12cebda8f12f9c376516709d02_unnamed%20(1).png
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bbba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecba3e9cda1660fa2d97d12e8f6c47c71c12ec31fc9c006ec042ca4a270a247

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Oct 2023 14:05:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65255a40-634c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBR2fJtNMKO1ifXYagYIlbKALlZSVzqia841ZiTlWlsEyvWDFUW%2Fh8GbI%2BnAEDxDVojL4C4sMW6%2F%2FbdlJAmIGk3IyuKACjY%2BdYT2arJaF%2Bq%2B13IbROViw7G4mRO0HeHydGbbxJIDTY0Llbps3IdSV5FZWCiMVhEaisMrVqbCoUUg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8356a265384d6aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
25420
css2
fonts.googleapis.com/ 		3 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/templates/15/css/styles.css?v1.2.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02e8944ed774c3367114968f5198158e1a8c8576a30f240ca4be2c6ecf0f492d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 12:42:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 13:01:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277d2c18d6066d37e4f5a8a20b111b221e9d335b06cc9ea372c60b8bf5ca937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29332
x-xss-protection
0
server
cafe
etag
301 / 19705 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:01:14 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TJK4NSZXBW
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ae3e5bef1d65f47e1f785dbe997922d24717b6044ff01015cd4f13c38ebfdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81805
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Dec 2023 13:01:14 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-446570526
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b5399d6eaf6df1955dfdbdf008306492e4ce431c24a941e6c463a71453abb589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74528
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Dec 2023 13:01:14 GMT
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:32:43 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 17:53:13 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
etag
"64247b09-6b2b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-cdn-pop
bhs
accept-ranges
bytes
content-length
10532
x-request-id
209656311
expires
Mon, 11 Dec 2023 13:32:43 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://seufinanciamento.99carsforsale.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:32:52 GMT
x-content-type-options
nosniff
age
584902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 18:32:52 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://seufinanciamento.99carsforsale.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:30:10 GMT
x-content-type-options
nosniff
age
585064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 18:30:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:25:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
2122
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 13 Dec 2024 12:25:52 GMT
seufinanciamento.99carsforsale.com.js
u.heatmap.it/conf/ 		44 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/seufinanciamento.99carsforsale.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f712cf0fe79b235265b9b898f2e4464d921937ab29e1475b23c8a7cb8d4024af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:00:43 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
bhs
accept-ranges
bytes
content-length
49
x-request-id
825328034
expires
Thu, 14 Dec 2023 13:05:43 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TJK4NSZXBW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-446570526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e75e61cb89124aa721b6f1a0cdacb0f09d005ee959433cb5943e4a2e9083291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81777
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Dec 2023 13:01:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/446570526/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/446570526/?random=1702558874903&cv=11&fst=1702558874903&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v886994008&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&hn=www.googleadservices.com&frm=0&tiba=Como%20Solicitar%20o%20Financiamento%20de%20Ve%C3%ADculos%20Santander&auid=398324879.1702558875&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-446570526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
001f78c2467c70ae4535ffb900e9cb57d78c9cde1d7c816f44ec403d74f7cea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TJK4NSZXBW&gtm=45je3bt0v9135192634&_p=1702558874665&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=844009142.1702558875&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702558874&sct=1&seg=0&dl=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&dt=Como%20Solicitar%20o%20Financiamento%20de%20Ve%C3%ADculos%20Santander&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1078
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJK4NSZXBW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJK4NSZXBW&cid=844009142.1702558875&gtm=45je3bt0v9135192634&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJK4NSZXBW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pv
us4.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us4.heatmap.it/log/pv?pid=114328&u=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&tpl=.&pt=Como%20Solicitar%20o%20Financiamento%20de%20Ve%C3%ADculos%20Santander&t=380449
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.99.47.17 , Canada, ASN16276 (OVH, FR),
Reverse DNS
us4.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:01:15 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
0
Expires
Thu, 14 Dec 2023 13:01:14 GMT
92206805
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/92206805?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
671c8110727247e1e3959a84855028e25f92d2990ac3eda3f4e56a54a8caa587
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RfWfYeKreXoIV9uVkmR8Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-RfWfYeKreXoIV9uVkmR8Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/446570526/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/446570526/?random=1702558874903&cv=11&fst=1702558800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v886994008&u_w=1600&u_h=1200&url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&frm=0&tiba=Como%20Solicitar%20o%20Financiamento%20de%20Ve%C3%ADculos%20Santander&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_eMIqTl-P84qA-X0h8hZrC0qhIfju8w&random=1873179156&rmt_tld=0&ipr=y
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUSAxYkgdydlhH_gEw6_N_v3bQJ_3KlvcJw4XusLs4jgDgKh8LORaYfNBu0bdFdOPCv2wa9r5BwVeJ5D56vt4asLviQHdJ1IRemYpGTXPkUdPX8Fx6x_nPC4Bok9OMiZhf5DRr5pA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUSAxYkgdydlhH_gEw6_N_v3bQJ_3KlvcJw4XusLs4jgDgKh8LORaYfNBu0bdFdOPCv2wa9r5BwVeJ5D56vt4asLviQHdJ1IRemYpGTXPkUdPX8Fx6x_nPC4Bok9OMiZhf5DRr5pA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTU4ODc1LDMzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zZXVmaW5hbmNpYW1lbnRvLjk5Y2Fyc2ZvcnNhbGUuY29tLyIsbnVsbCxbWzgsInd1UnJjZllsWWh3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e75f88d23a7114a1c18fafbda05d937826a94102cc62ec4667bcddb7c78c5106
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UIOa3vW5dDSGRA-CEyNRcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UIOa3vW5dDSGRA-CEyNRcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:54:37 GMT
content-encoding
gzip
via
1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
54399
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Iwjh_Ee_nYzDg2u_-d2NnVEz-8NOc7rn_V08HNJDEpeNcaCKht85XQ==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 20:42:18 GMT
content-encoding
gzip
age
2391537
x-guploader-uploadid
ABPtcPr2kA2d-fYqLPDbhucoF7_ixeHY7rGNGpdOq9ykE_YHttTfXjDZyw4aEfaiKXAZccHy23pGGl7aDzBK81m_f02cLULP0BUi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 15 Nov 2024 20:42:18 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 13:01:15 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
10883
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8356a26baacc3773-YYZ
expires
Sun, 17 Dec 2023 13:01:15 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=396912672098581&correlator=1343648152855600&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&gdpr=0&iu_parts=92206805%2C99carsforsale.com%2Canchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1702558875381&lmt=1702558875&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=844009142.1702558875&ga_sid=1702558875&ga_hid=93955912&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8f2qw8YxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjx_arDxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8f2qw8YxSABSAghkEhQKBW9wZW54GPH9qsPGMUgAUgIIZA..&dlt=1702558874331&idt=658&prev_scp=ym_track%3Dnull%26tier%3Dnull%26utm_source%3Dnull%26utm_campaign%3Dnull%26utm_content%3Dnull%26utm_term%3Dnull%26utm_medium%3Dnull&adks=2160815290&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aef2146afb096d0893ba0f998ed101ec550d0d57666205dda86bfe4252007d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14107
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=396912672098581&correlator=1343648152855600&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&gdpr=0&iu_parts=92206805%2C99carsforsale.com%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1702558875395&lmt=1702558875&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=844009142.1702558875&ga_sid=1702558875&ga_hid=93955912&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8f2qw8YxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjx_arDxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8f2qw8YxSABSAghkEhQKBW9wZW54GPH9qsPGMUgAUgIIZA..&dlt=1702558874331&idt=658&prev_scp=ym_track%3Dnull%26tier%3Dnull%26utm_source%3Dnull%26utm_campaign%3Dnull%26utm_content%3Dnull%26utm_term%3Dnull%26utm_medium%3Dnull&adks=2956149727&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a80fbc70183ff8cc4638371b81515c18c2f7d839af151f1c5cf51d78cdc872df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25887
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:01:15 GMT
expires
Fri, 13 Dec 2024 13:01:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26344
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
9174524701941205614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 13 Dec 2024 05:42:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=396912672098581&correlator=1343648152855600&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&gdpr=0&iu_parts=92206805%2C99carsforsale.com%2Cb2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C336x280&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702558875410&lmt=1702558875&adxs=300&adys=777&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vis=1&psz=1000x1284&msz=1000x0&fws=0&ohw=0&ga_vid=844009142.1702558875&ga_sid=1702558875&ga_hid=93955912&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8f2qw8YxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjx_arDxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8f2qw8YxSABSAghkEhQKBW9wZW54GPH9qsPGMUgAUgIIZA..&dlt=1702558874331&idt=658&prev_scp=ym_track%3Dnull%26tier%3Dnull%26utm_source%3Dnull%26utm_campaign%3Dnull%26utm_content%3Dnull%26utm_term%3Dnull%26utm_medium%3Dnull&adks=3455037098&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8e85fcc74853acfd1e3667ce582bff9aa13e8495474415739b17636a8da2386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14442
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=396912672098581&correlator=1343648152855600&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&gdpr=0&iu_parts=92206805%2C99carsforsale.com%2Cb1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C336x280&fluid=height&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702558875417&lmt=1702558875&adxs=300&adys=306&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vis=1&psz=1000x1284&msz=1000x0&fws=0&ohw=0&ga_vid=844009142.1702558875&ga_sid=1702558875&ga_hid=93955912&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8f2qw8YxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjx_arDxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8f2qw8YxSABSAghkEhQKBW9wZW54GPH9qsPGMUgAUgIIZA..&dlt=1702558874331&idt=658&prev_scp=ym_track%3Dnull%26tier%3Dnull%26utm_source%3Dnull%26utm_campaign%3Dnull%26utm_content%3Dnull%26utm_term%3Dnull%26utm_medium%3Dnull&adks=73542141&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
907efa73424cc1d827d3e5f6b2f6abef6ccc4c28098ed9fb53bc9d7ed463f955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19923
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU0vcYVw92fMjV9kTmohT1FCksMztohkbKEr9Q-BS79vvyayLR_9fImFaf81G__O8xvMdOTYsKk_bFyrBjiwyj7D14P9kvw1s2cUFJxF4gVNlE446EQ03ao4dJwBmc88GrpHgJbRw==
fundingchoicesmessages.google.com/f/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU0vcYVw92fMjV9kTmohT1FCksMztohkbKEr9Q-BS79vvyayLR_9fImFaf81G__O8xvMdOTYsKk_bFyrBjiwyj7D14P9kvw1s2cUFJxF4gVNlE446EQ03ao4dJwBmc88GrpHgJbRw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTU4ODc1LDQzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly9zZXVmaW5hbmNpYW1lbnRvLjk5Y2Fyc2ZvcnNhbGUuY29tLyIsbnVsbCxbWzgsInd1UnJjZllsWWh3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
336b83b6821ec62bf8bd1b267f4a28af5dafe30d52340bd6b0e812d188317752
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vkFXqCA-HUlBD6ir1WrNHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-vkFXqCA-HUlBD6ir1WrNHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5c2fba2d7412f1de1267dd5d2a7cf51c12ddb66f331c0d0650b6522051f00e71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-tWeVf5Y/UfzPHEssQrCA3Utd214"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 14 Dec 2023 13:01:15 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
location
/esp?url=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		156 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.88.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-88-64.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f27469d16bc671ff448fa2970a097a12f0b4ea03629edd7c95245b54b19a29cd

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
cache-control
no-cache
x-server
10.40.10.110
access-control-allow-credentials
true
content-length
156
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb679eef978598a07c0e39e3bdb2ca9b1f7a4346dc3bcddbfa78e149572b2977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12278
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 03BD 		594 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f91dcfa378602e00e832b51a10309da918a4f8ce5900cc55e04be598d779f498

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
385
content-type
text/html
date
Thu, 14 Dec 2023 13:01:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 13:01:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CFC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
23059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 06:36:56 GMT
expires
Fri, 13 Dec 2024 06:36:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA5F 		829 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
573b4a00fed1e3794d70b07a1975ac23f461da32cfc380cbd54f360705c5e135
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jEN0eSwLZdvemzbyrIQGfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jEN0eSwLZdvemzbyrIQGfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:01:15 GMT
expires
Thu, 14 Dec 2023 13:01:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
767d6a76-5ed7-e1ef-c99a-42b2d6e919cb
pr-bh.ybp.yahoo.com/sync/openx/ Frame 03BD 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/767d6a76-5ed7-e1ef-c99a-42b2d6e919cb?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d4c8:9f2:5a1a:543f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 03BD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ba6c704f-d2d1-c85c-3843-d6d0418d1f62
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ba6c704f-d2d1-c85c-3843-d6d0418d1f62&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ba6c704f-d2d1-c85c-3843-d6d0418d1f62&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:01:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KHXWEVFMG8MDCDNQPGA9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:01:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7Q8QCWPG75JT5FYNXNWH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ba6c704f-d2d1-c85c-3843-d6d0418d1f62&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 03BD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e49ecee8-9022-46aa-9731-ff577ddf19c1&ttd_puid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0&gdpr_consent=
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e49ecee8-9022-46aa-9731-ff577ddf19c1&ttd_puid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e49ecee8-9022-46aa-9731-ff577ddf19c1&ttd_puid=e2ba0c32-ce7b-73a6-f84d-544729bed482&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:01:15 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 03BD 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2VkNWRmZjgtMDcwYy0yZDAyLWVkYWQtMGVmZWUzNWMxYWUy
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 03BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPeWTofLopBp7DZ7JNxvvL4&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPeWTofLopBp7DZ7JNxvvL4&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPeWTofLopBp7DZ7JNxvvL4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8CFC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
5985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Dec 2024 11:21:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DA5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=396912672098581&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8CFC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4zuLzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 2540 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:09:47 GMT
age
100289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:09:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2540 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:34:33 GMT
age
98803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:34:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2540 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:34:08 GMT
age
98828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:34:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2540 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:07:17 GMT
age
100439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:07:17 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2540 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 15:28:05 GMT
age
77591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 15:28:05 GMT
css
fonts.googleapis.com/ Frame 2540 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 12:24:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 13:01:16 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2540 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 14:47:41 GMT
x-content-type-options
nosniff
server
cafe
age
80015
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Thu, 14 Dec 2023 14:47:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2540 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 02:42:36 GMT
x-content-type-options
nosniff
server
cafe
age
37120
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 02:42:36 GMT
l
www.google.com/ads/measurement/ Frame 2540 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwwlrxAgPOwvufpSKCxzyhBYybQMSat1kDODaQXGTrTho35DePYdsmxBaGV9UB8xcqzWGdgUCKR8F9qVjSiGunHiR4tg
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=396912672098581&bg=!VlWlVRrNAAY3kmNgF5I7ADQBe5WfOBUT-2iNQ5olYuifpFsORpSFSroBSv1Voa6dpAxMPSjeeUO-tp_kzGsSw3c5eJoiAgAAAFJSAAAAAmgBB5kDH2NuZqBc9yd0CiumtXQdCJM1csyGqy8V7MVPtoUIQz2jvMMkIOatkzAxFl7zhDVt8h1-2kfYva8xTM_JK7UrpNYFsiuPoXwTo5jJ-nY1-SpqAk8I0npO3QI4reU6ML2Dmdp1IGWVXvXV1XiJD_smSnTkMgRHKRX-bECeBgfyqYA4kDtX0MKC9mbD9SCCnx1gKfEgSaIdvWrac8VdOO2TmBCky7EAcg215bdEPC6TCqd29S364l6RNW75utsb4GyO_bM_CRSzzQo_ntNMCFjC0zq9CQhmaZXYxcb-g4elLs32kNbdcv9BhjRxHnPbJnlCe4DasrYJw4Kc_1nt5jEO89o0CmJEu3pigWljKopoF2vtzju0ozXQNTQXX8Adwb97H8PvwO1P8uW9C6JleT_1TwpTFUSP27zJ3hW2BCPbAsSoavS6P9nhHF3RmAE4IIUwBvB7X3SF4FGLmn3jNLQBQwdw-8rEnE_T1j01_OyJmhNm2MNLnFUEZO4jmMaIvfo0O-Z-RbxaZmPJIb-8r1iYO_QxjdF5jVy7UldYYBVetSxrvxV19Z_J5TyfCr4UUAqk-kDFqE9WnMlZDsW-EkOVrpur6Bcc2aSw5eQhYBygU70A8oQtQrhljxIMDGCPAU79-Djah2E_vhIJFjeBa0AUWsfczeZa4L6vgU3m8dXF5V-9e2ijK21rlBSW3mT8ymOIAssoNl21U1Dw4Godel7FwVSUvZrNC2oe5yOSa3EFGfDT1OT8QGCdK0G8mTKUiliVn1g69L2J7qceByUcZ7XqUCeK-HXPHprq_bu1USlnfcHjnhQ7Rm86zL8iVJ6UPeMcCSMCfakvXLN4o_P33VDvzZ0yUyXnfunwW8s7UmkuJL_BPs4SnXQtY8y8FmJqIEGW3pYE114dEKZUeCUYADM3zIurIQ_totctdD4ouJvlLtIrAnBTAa2AcyrxVgkx7XD0s6BXgfgAgz6TanUvmoEFvsbE0gW9JUYb3TP-cf2MoqvWuBQuwt6ZzSvgOo3hwexX5D9Ld5ekwzyj7aFZwXkEeSmgdm3rkXLgjThzlBUOtjU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.552034953258487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bDUj8vBYnfWoekNL7c8ucg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-bDUj8vBYnfWoekNL7c8ucg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.7725509902678771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KdANA8G59XYwezpqTIJI9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-KdANA8G59XYwezpqTIJI9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2540
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Thu, 14 Dec 2023 13:01:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9DRTbMeX2r183L5-25gLMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:01:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-9DRTbMeX2r183L5-25gLMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7414 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:01:16 GMT
expires
Fri, 13 Dec 2024 13:01:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 7414 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 12:15:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 13:01:16 GMT
nmedianet.js
contextual.media.net/ Frame 33D5 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7712878f8dfe04a0cf32b22e2513d87e115593b5826a4700cfb1ccb80797d397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-mnt-h
22-s1v0
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 14 Dec 2023 13:01:16 GMT
server
Apache
etag
"b69e4a374ef43ff78878c78e297fa4c9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
38720
expires
Thu, 14 Dec 2023 13:06:16 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 33D5 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 14 Dec 2023 13:01:16 GMT
x-guploader-uploadid
ABPtcPo5Vei9sOmLBvFL0QA5JkYOIs0tPNaY2-23OajAozrU4-eg8mIO0T8S57pTPcV0tQ1h8nY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 14 Dec 2023 14:01:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 33D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 15:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
78645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 15:10:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 33D5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 15:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
78647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 15:10:29 GMT
l
www.google.com/ads/measurement/ Frame 33D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCAclDkeZtGxrlRCakfbgrJCe6SyhZdEDjrutKOK7gvbigVVtfyP4VKiqg7wbMFEwFFjelvWWiD2ozipkQ7qAYRQ42kg
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 33D5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 21:07:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
143610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 21:07:46 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 33D5 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:01:18 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7414 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 14:46:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
80115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:46:01 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 33D5 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.150.66 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-150-66.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
9e5f93f14d46d083005f3807479570e6c957c151f77dcf18dd89cd6156105275

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:01:17 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Thu, 14 Dec 2023 13:06:17 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame D2B9 		103 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3195&&kkdd=*u%7Cu%7CnH9*A3&87=RHXbzzeeH.eAXX.be.4&VImZ=X&Scmp=X&-I8=RR4X&Uc-W=04AH&-7I=eDOH!HHRY&-m-I=!-LVty1hNPY1ERNN5ZZP-f%3D%3D&-Z7I=HH4.eHARA&c7vW=RXbAyH.e&--=Oq&c-=g0&-2sS=cSSNS7VZpU7tsNUWcU&m7I=ei_*Al)H(&Um7I=9PzA.qQ&2UUmc=R&ZZZ=Uv*520-J505HYIa3fAqPNxP-*lBX)t35!02)tItaDh4FnPt-_FSDA6mZ9X(Of.!l&dfZx=2UUmc%3A%2F%2FcWhx7sps-7pSWsUtuQQ-pZcxtZcpJWu-tS&WdfZx=fHHY!%3Aqq!PydevRv(eRkPvHSu77(R0!dS0!RaPu(Sk&scW=z&Jf=R&hVI=A&pIUR=eDOOQPMer&pIUb=RR.bRRXQR&nIpUp=cIb%3DshJJj7hZJNJ%3DRXjtVWZmS%3Dbub.jItSNn%3DXuz4jc-I%3DsEjZpW%3DX%2CXjItSNJ%3DbXj8JbZNcI%3DbXb4RbRAX4j7hZJNn%3DH4zuAzjhZJNUd-%3DXjhZJNZbpNn%3DXjcUI%3DbQz.RAQHbHjSsNnW2NnttcU%3DXuQjZpU%3DXuXXX%2CXj7m%3DRQPA9ipnmDda7R8DgnOzvbjxnn%3DRzjn2N7S%3D4ejZ77mhp%3DzH%2CzHjZ-%3DRjZ7ch7I%3DX%2CXjZmcNcI%3DbXb4RbRAX.jZpI8%3DXuXXX%2CXjhZJNn%3DRu4.j8JbZNhZJNn%3DXjcSSNfZ%3D44ueQAejhZJNJ%3DRXjcJ8%3Db4u.bjV-pU%3D5RXjnn%3DRQ.jcSSNShJ%3DXu.jWZmS%3Dbub.j8JbZNhZJNd-%3DXYXjmc7N-%3De%2C4%2CX%2CX%2CX%2CX%2CX%2CXjnS%3DRjmc7NI%3DAQQbjZdW%3DX%2CXjp4mNn%3DR44uQ%2CeAuX4jcI%3DRjh7I%3Dbgp6JxDY0s2_OfP7FEj-8JbZNn%3DRAbueQjnUI%3Dbb4QeR44.AQ4A4XRXeXe..eAA.44HbX4bzeQRRbbz.RQ4H.R.XebXAb..QzQeX.Qeeeb4XAzRAzAA.bHHQQ44XAA.HR.z4RQR.Rez.Xjh7S%3DXjZdU%3DXuXXX%2CXjtVIbmNn%3DXuQejcc%3D(Tj--%3DOqjdnNIJ%3DmUjh7f%3D5Rj-W%3DXjZ-8%3DARuHRjDg%3D4X.RjdnNh-%3DRjsUc%3DRHjdnNhJ%3DmUjdnN--dc%3DXj-U%3DnhxxpJtjnccNB9)%3D(T%2C(Tjnpc7cb%3DRQ.jnpc7cR%3DRQ.jdnNUU%3DXjn2NcI%3DbXb4RbRAXRjI-%3Dej8JbZNn%3DR44uQjUU%3DAQQRj8fNWy-%3DXuQAjcSSNn7I%3DRu4.j87cNcI%3D44QjhZJNZmcNn%3DRAuRRjn2N-t%3DXjctna%3DbXAuzbjI-b%3DRj8Npcs%3DbXbHej3i%3DuCcpJWuCjJpcU%3Dj-8tV%3DRAbueQj87cNhZJNn%3DXuzj8JbZN7NcI%3DbXb4RbR4b4j87cNhZJNJ%3DXjWU%3D4bj8JbZN7Nn%3DXuAzj87cNn%3DbXRu4j8JbZNhZJN87%3DRY5R.jhZJNU87%3DXj88%3DXj-8JbZNcI%3D44QjZx8%3DARuHRjJbZNn%3DRXXXjfZNn%3DRbQ%2CXjcSSNcI%3DbXb4RbRAXRjZpIm%3DXuXXX%2CXjc7I%3DHH4.eHARAjhZJNZmcNd-%3DXjdnNcZ-%3Ddnnj8fh%3DXuQAjIbmNJ%3DRXj-8Jb%3DRAbueQj4m-x%3DQQQuQbjtVNSc2%3DRu4HjISSNcUZV%3DcSSNS7VZpU7tsNUWcUjIbmNn%3DXuQQjZmcNn%3DeAuX4jhZJNcZmcNn%3DRAuRjZdfm%3DXuXXX%2CXj3ib%3DuCcpJWuCjZdfI%3DXuXXX%2CXj7c*Wx%3DXjiM%3DXj7c7x%3DXjhZJNZm-Nn%3DXjn7I%3DRu4.jdnNmU%3DTZU7-JWjhZJNZmcNZ8%3DXj-nIm%3DRu4.XjcI%3DRj7UEmWN7I%3DRHjcWJJWZNUpVN7I%3DbQz.RAQHbHjchmmJENUpVN7I%3DjIWUW-UWINUpVN7I%3Dj87Wfpn7J7UE%3DXuQAjmtc%3DRjp-NUEmW%3DRjpInJd%3DbQz.RAQHbHjpSm%3DRjtVn7I%3Dbub.XjnxJZ%3DXuXRXjch7I%3DDTYqY6I7P5TkPovqvknS!QsVHitjIU-%3DWpcUNc-jISSNWZmS%3DxpJcWjISS%3DcSSNS7VZpU7tsNUWcUjnIm-pmI%3DXjIpJV%3DcSSj7scJ%3DRjctnm%3Djy7I%3DTwo5mhn5bQ.H.4z.Ae..QQHRj2USJ%3DRjcSSNpm7%3D8Rj7n-%3DRjscv%3DRHjUVc%3DbzXybzX%7C4XXybzX%7C4XXy.XX%7C4XXyRXzX%7C4bXyAXX%7C4bXyAeX%7C44.ybeX%7CARAyH4.%7CAeXy4bX%7CzeXyAXX%7CH4.yARA%7CHzXybXX%7CHzXy4XX%7CH.eyRXbA%7CQ4XyReX%7CQHXybzX%7CRXbAyH.ejncn%3DXjncm%3DXjUSy%3Db4.&sU8=X&SSS=.U)5r(hyz7O%3D&7f=X&7sgxZ=R&nIZgI=A.X&n7I=4AQQbR&S-x=H.zQb&EIcmZ=R&npW=1yWVvvp(yA&dpUmZW=R&-pItSp7s=Uv*520-J505rq2(Ab5hhxIsz_o2b7DX(.LI4bEAgq-al_raNdEatvV%3D%3D&EmJm=R&7c7I=z&pI8=gs8WcUtZ%20Mt-hc&ccS-ZN8WZ=z&mV7I=mXRQzzbAHRAzUbXb4RbRAR4XR&ccJI=%7B%22cc7m%22%3A%22b.Xb%3Axx-e%3AXXXb%3AXXXX%3AXXXX%3AXXXX%3AXXXX%3AXXXX%22%2C%22cc--%22%3A%22Oq%22%2C%22ccc-%22%3A%22(k%22%2C%22cc-UE%22%3A%22nhxxpJt%22%7D&2USJcZ-=R&sflct=8451290&U-xN-Sm=R&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e58210f82e88fae38dcf2785ef1ffe20ef9e6feea15980b17f1d5774e507e6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html
date
Thu, 14 Dec 2023 13:01:17 GMT
expires
Thu, 14 Dec 2023 13:01:17 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-6vmg
bping.php
lg3.media.net/ Frame 33D5 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2914&&vgd_cdv=1130&vgd_cage=1&vgd_tsce=L347&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=773687414&vi=1702558876840062863&ugd=4&lf=6&kwrf=https%3A%2F%2Fseufinanciamento.99carsforsale.com&cc=US&sc=IL&lper=100&wsip=170785052&r=1702558876933&rrr=tzR-hLcl-L-7EdjMw4SJ_fJcRVK0WoM-QLhWodojCu3ZbJocOZmC4GprT0NUw6QV&requrl=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYvf.fF~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAufuH9A~8xLjMGvhAX.HX~xLjM7UNv9~xLjMLf1MGv9~Q7OvfiXFuHihfh~YzMGJwMGmmQ7v9.i~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvAW~L88Ex1vXh%2CXh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAufuH9F~L1Oev9.999%2C9~xLjMGvu.AF~ejfLMxLjMGv9~QYYMBLvAA.WiHW~xLjMjvu9~QjevfA.Ff~yN17vou9~GGvuiF~QYYMYxjv9.F~JLEYvf.fF~ejfLMxLjMUNv949~EQ8MNvW%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvHiif~LUJv9%2C9~1AEMGvuAA.i%2CWH.9A~QOvu~x8OvfV1Zjk%3D4TzwaPB6825~NejfLMGvuHf.Wi~G7OvffAiWuAAFHiAHA9u9W9WFFWHHFAAhf9AfXWiuuffXFuiAhFuF9Wf9HfFFiXiW9FiWWWfA9HXuHXHHFfhhiiAA9HHFhuFXAuiuFuWXF9~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHu.hu~%3DVvA9Fu~UGMxNvu~z7Qvuh~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~GwMQOvf9fAufuH9u~ONvW~ejfLMGvuAA.i~77vHiiu~eBMJ-Nv9.iH~QYYMG8Ovu.AF~e8QMQOvAAi~xLjMLEQMGvuH.uu~GwMNmv9~QmGdvf9H.Xf~ONfvu~eM1Qzvf9fhW~c0v.*Q1jJ.*~j1Q7v~NemyvuHf.Wi~e8QMxLjMGv9.X~ejfLM8MQOvf9fAufuAfA~e8QMxLjMjv9~J7vAf~ejfLM8MGv9.HX~e8QMGvf9u.A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvAAi~LkevHu.hu~jfLMGvu999~BLMGvufi%2C9~QYYMQOvf9fAufuH9u~L1OEv9.999%2C9~Q8OvhhAFWhHuH~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.iH~OfEMjvu9~NejfvuHf.Wi~AENkviii.if~myMYQwvu.Ah~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~LEQMGvWH.9A~xLjMQLEQMGvuH.u~LUBEv9.999%2C9~c0fv.*Q1jJ.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ovu.AF~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEvu.AF9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfiXFuHihfh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iH~EmQvu~1NM75EJvu~1OGjUvfiXFuHihfh~1YEvu~myG8Ovf.fF9~GkjLv9.9u9~Qx8Ov%3DK4b4ZO86oK36tlbl3GYgizyh0m~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjvu~QmGEv~-8OvKrtoExGofiFhFAXFHWFFiihu~w7Yjvu~QYYM1E8veu~8GNvu~zQlvuh~7yQvfX9-fX9%7CA99-fX9%7CA99-F99%7CA99-u9X9%7CAf9-H99%7CAf9-HW9%7CAAF-fW9%7CHuH-hAF%7CHW9-Af9%7CXW9-H99%7ChAF-HuH%7ChX9-f99%7ChX9-A99%7ChFW-u9fH%7CiA9-uW9%7Cih9-fX9%7Cu9fH-hFW~GQGv9~GQEv9~7Y-vfAF&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Gxkk1jm%22%7D&vgd_bid=349921&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1702558876134308351&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p01955247145t202312141301&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001702558876928016112663383898&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 14 Dec 2023 13:01:16 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Dec 2023 13:01:16 GMT
checksync.php
contextual.media.net/ Frame 81E1 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8d76a6d198239cff30bb1bdb6e410a19e3170189ba9ec8e7eb79a70cfbf05bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9627
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:01:16 GMT
expires
Sat, 16 Dec 2023 13:01:16 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 33D5 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6666&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=qfdwkvQZJMibA-PnKG4dwQ&vid=qfdwkvQZJMibA-PnKG4dwQ&dn=seufinanciamento.99carsforsale.com&rawDn=seufinanciamento.99carsforsale.com&requrl_dn=seufinanciamento.99carsforsale.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fseufinanciamento.99carsforsale.com&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=buffalo&zip=14202&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-7dc74fbddc-spv6c.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=20278&surl=https%3A%2F%2Fseufinanciamento.99carsforsale.com&sckfl=1&suid=CAESEGdiJ-AYJXzSzYbmQ9ng7Po&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm6tezuwQ0NIN3TmtrU5MUDThsCa89xURI8HTdjuJEU3CA6bUPP4mcCR0tmSBso7RW9S&pexid=ADX-pub-2967635648669971&geoll=false&is_ortb=false&commit_id=6c817f9f&ocurr=USD&omul=1.0&currsrc=NEXUS&currsrc_date=2023-12-13+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=127&req_tid_present=false&pvid=460&prvAccId=773687414&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=67151273262104_165231847_1162110914601&size=1024x768&chnl=smm_migration_test&bdp=2.260&bid_uuid=a3417984c6d2966d06aa99ee768ac34c&cbdp=1.36&og_cbdp=2.260&ogbdp=2.26&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=1.36&dsrc=-2&dp=0&dbf=1&epc=773687414&s=1&snm=SUCCESS&pcrid=8CU7Q771E-773687414-50-3&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=94&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1702558876453&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=2.26&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807684001024076800059500&strg=smm_migration_test&vls=0&scrid=1700080807684001024076800059500&mang=1&pvdTmax=236&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=17&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=250x250%7C300x250%7C300x600%7C300x1050%7C320x400%7C320x480%7C336x280%7C414x736%7C480x320%7C580x400%7C736x414%7C750x200%7C750x300%7C768x1024%7C930x180%7C970x250%7C1024x768&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=e647832764&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23bsNed%3AvalidBid%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=eb4fe88d50db1a6b372c4df9d1d44b3d&rtime=91.0&wsip=mowx-lite-64f849678b-r9spx&ltime=105.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=2956149727&impId=1&reftime=0&reftype=0&psrc=fail&insl=1&mowxReqId=eb4fe88d50db1a6b372c4df9d1d44b3d_1&policy_enf=2&pub_blk_enf=1&req_size=1024x768%7C300x250%7C320x400%7C930x180%7C480x320%7C414x736%7C320x480%7C336x280%7C750x200%7C970x250%7C580x400%7C250x250%7C300x1050%7C768x1024%7C750x300%7C300x600%7C736x414&renderer=1&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=qfdwkvQZJMibA-PnKG4dwQ_1&supplyTagId=2956149727&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-12-14+13%3A01%3A16&__expireat=1702559476706&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=2.260&lo_cbdp=1.36&actltime=107&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D2.26~dom_b%3D0.53~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023121403~iurl_b%3D735.45~url_tkc%3D0~url_r2a_b%3D0~std%3D2956149727~mn_beh_boost%3D0.9~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D15~bh_im%3D38~riipua%3D57%2C57~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023121406~radv%3D0.000%2C0~url_b%3D1.36~vl2r_url_b%3D0~smm_wr%3D33.8948~url_l%3D10~slv%3D23.62~gcat%3D-10~bb%3D196~smm_mul%3D0.6~erpm%3D2.26~vl2r_url_kc%3D0E0~psi_c%3D8%2C3%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D4992~rke%3D0%2C0~a3p_b%3D133.9%2C84.03~sd%3D1~uid%3D2IaGlfCELnhOUwJiZy~cvl2r_b%3D142.89~btd%3D2239813364934301080866844633720325891122561937616082042669598069888230451454462779933044671653191618560~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rcv%3D41.71~CI%3D3061~kb_uc%3D1~nts%3D17~kb_ul%3Dpt~kb_ccks%3D0~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~kb_tt%3D0~bh_sd%3D2023121401~dc%3D8~vl2r_b%3D133.9~tt%3D4991~vw_exc%3D0.94~smm_bid%3D1.36~vis_sd%3D339~url_rps_b%3D14.11~bh_co%3D0~sobj%3D204.52~dc2%3D1~v_asn%3D20278~MP%3D.*sale.*~last%3D~cvog%3D142.89~vis_url_b%3D0.5~vl2r_i_sd%3D2023121323~vis_url_l%3D0~et%3D32~vl2r_i_b%3D0.45~vis_b%3D201.3~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D339~rfv%3D41.71~l2r_b%3D1000~wr_b%3D129%2C0~smm_sd%3D2023121401~radp%3D0.000%2C0~sid%3D773687414~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.94~d2p_l%3D10~cvl2%3D142.89~3pcf%3D999.92~og_msh%3D1.37~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~rps_b%3D84.03~url_srps_b%3D14.1~rkwp%3D0.000%2C0~MP2%3D.*sale.*~rkwd%3D0.000%2C0~isRef%3D0~PF%3D0~isif%3D0~url_rpc_b%3D0~bid%3D1.36~kb_pt%3DArticle~url_rps_rv%3D0~cbdp%3D1.360%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D2956149727%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.94%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D2956149727%7Eamp%3D1%7Eogbid%3D2.260%7Ebflr%3D0.010%7Esuid%3DCAESEGdiJ-AYJXzSzYbmQ9ng7Po%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Einsl%3D1%7Esobp%3D%7Exid%3DADX-pub-2967635648669971%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D17~tgs%3D250x250%7C300x250%7C300x600%7C300x1050%7C320x400%7C320x480%7C336x280%7C414x736%7C480x320%7C580x400%7C736x414%7C750x200%7C750x300%7C768x1024%7C930x180%7C970x250%7C1024x768~bsb%3D0~bsp%3D0~tmx%3D236&utime=492&sf=0&cpr=0.6078333983863089
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Dec 2023 13:01:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BBA9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
74390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 16:21:26 GMT
etag
48472445140208031
expires
Thu, 14 Dec 2023 16:21:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame BBA9
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_cver=1&google_push=AXcoOmSpo8YN-UgCUk4t_UpDJP2Pqj0pS9wPP3KYnM0kdrEvA7regci...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ce21414153e11fa&is_secure=true&networkId=14000&version=1&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_cver=1&google_push=AXcoOmSpo8YN...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LQv3tfWwM06zElAAAAAAA&expiration=1702645277&google_cver=1&is_secure=true&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LQv3tfWwM06zElAAAAAAA&expiration=1702645277&google_cver=1&is_secure=true&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_push=AXcoOmSpo8YN-UgCUk4t_UpDJP2Pqj0pS9wPP3KYnM0kdrEvA7regciRgfeM6oMLs16a4EvfkYjSjqMF2ozlBjuP0rT0MTZVT0y7kQ
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LQv3tfWwM06zElAAAAAAA&expiration=1702645277&google_cver=1&is_secure=true&google_gid=CAESEF1c0x6xNzg1nTvFxzzM-nU&google_push=AXcoOmSpo8YN-UgCUk4t_UpDJP2Pqj0pS9wPP3KYnM0kdrEvA7regciRgfeM6oMLs16a4EvfkYjSjqMF2ozlBjuP0rT0MTZVT0y7kQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usersync.aspx
dis.criteo.com/dis/ Frame BBA9 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTky2yC2Zib_v3X4etjYj0vmveNez2GNzq09qIft0CHfqf1c8im8JXw-_9AhFDl9n6190SiP9Scram0Cvr1-fbspMjCQVZk&google_gid=CAESED8RfBOfcfIDRI42cUjz7TM&google_cver=1
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:16 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
491082
expires
Thu, 14 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BBA9
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEM5Bc0uMQxj79Z7RYJek3lE&google_cver=1&google_push=AXcoOmROvwqSn621L4qS6LzyiKYxExYZEeETXzA66A2xqn3Xft8J3Kn9gXwSTcjZE8Z4uuTSu_a9XJumjNOxWO5uen-6SGL...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTljZDhjZWY0NjAwNGQzMGE4NjZlMDIxNjMxYzVhYzY%3D&UIDF=CAESEM5Bc0uMQxj79Z7RYJek3lE&google_cver=1&google_push=AXcoOmROvwqSn621L4qS6LzyiKYx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTljZDhjZWY0NjAwNGQzMGE4NjZlMDIxNjMxYzVhYzY%3D&UIDF=CAESEM5Bc0uMQxj79Z7RYJek3lE&google_cver=1&google_push=AXcoOmROvwqSn621L4qS6LzyiKYxExYZEeETXzA66A2xqn3Xft8J3Kn9gXwSTcjZE8Z4uuTSu_a9XJumjNOxWO5uen-6SGLC9qGraA
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTljZDhjZWY0NjAwNGQzMGE4NjZlMDIxNjMxYzVhYzY%3D&UIDF=CAESEM5Bc0uMQxj79Z7RYJek3lE&google_cver=1&google_push=AXcoOmROvwqSn621L4qS6LzyiKYxExYZEeETXzA66A2xqn3Xft8J3Kn9gXwSTcjZE8Z4uuTSu_a9XJumjNOxWO5uen-6SGLC9qGraA
date
Thu, 14 Dec 2023 13:01:17 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame BBA9
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEIuRLMWqBSkETosnIDtEwL8&google_cver=1&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx-ZWOlO...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIuRLMWqBSkETosnIDtEwL8&google_cver=1&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJVPndSmRxGN52DQUikIZg&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPUR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJVPndSmRxGN52DQUikIZg&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx-ZWOlOeEpCWb
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJVPndSmRxGN52DQUikIZg&google_push=AXcoOmS9XXxFqU9Kn02kWx_whp_J6YdqJzDkbjGIGZDrSjH45b_YinnDzq-8QCh90ONqrXIle0KrMMp32_ssPURx-ZWOlOeEpCWb
access-control-allow-origin
*
date
Thu, 14 Dec 2023 13:01:17 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame BBA9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELUfGIKArw0aWhynTQF0RPc&google_cver=1&google_push=AXcoOmSJokjyPc3O0LB3HwDt77WkL3gWP_g0ZT_raeXZhgRb6g5ShlShqsnLAM6q5utphkz97uw2K1qo7s5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJokjyPc3O0LB3HwDt77WkL3gWP_g0ZT_raeXZhgRb6g5ShlShqsnLAM6q5utphkz97uw2K1qo7s5Jw1JHpQgbbzJxVO2eGM4
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BBA9
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEEQsVdWAdSIu8qqiroQJ4lo&google_cver=1&google_push=AXcoOmQbM7DC19sca5qWCAP0d5NB_d2WQbVwBf75OhYrbyraPbHnEQ6OiCfw9HqHJUBODzfFmIrAmIp839OMRoL486zjZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQbM7DC19sca5qWCAP0d5NB_d2WQbVwBf75OhYrbyraPbHnEQ6OiCfw9HqHJUBODzfFmIrAmIp839OMRoL486zjZFhZcLhDZA&google_hm=f5ef61ca7007...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQbM7DC19sca5qWCAP0d5NB_d2WQbVwBf75OhYrbyraPbHnEQ6OiCfw9HqHJUBODzfFmIrAmIp839OMRoL486zjZFhZcLhDZA&google_hm=f5ef61ca70076ecf288nbv00lq57lha2
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Dec 2023 13:01:17 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQbM7DC19sca5qWCAP0d5NB_d2WQbVwBf75OhYrbyraPbHnEQ6OiCfw9HqHJUBODzfFmIrAmIp839OMRoL486zjZFhZcLhDZA&google_hm=f5ef61ca70076ecf288nbv00lq57lha2
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame BBA9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMQSxY26W63n0zzIlVXLR_Q&google_cver=1&google_push=AXcoOmRxWcMeHMdYw...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMQSxY26W63n0zzIlVXLR_Q%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI1ODgzNTQ1NDM1MjA5MjU3Ng%3D%3D&google_gid=CAESEMQSxY26W63n0zzIlVXLR_Q&google_cver=1&google_push=AXcoOmRxWcMeHMdYwsflcd4YDI0PcxLime...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI1ODgzNTQ1NDM1MjA5MjU3Ng%3D%3D&google_gid=CAESEMQSxY26W63n0zzIlVXLR_Q&google_cver=1&google_push=AXcoOmRxWcMeHMdYwsflcd4YDI0PcxLime-SYcaTkd9HuAcv847jXClPkayFTJ-PaoXLBqDHU9A-e7CaZeLt1FC8T1Loq_RBsF2NNBM
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
an-x-request-uuid
3809c5fd-29ae-40e4-9647-882890d52992
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI1ODgzNTQ1NDM1MjA5MjU3Ng%3D%3D&google_gid=CAESEMQSxY26W63n0zzIlVXLR_Q&google_cver=1&google_push=AXcoOmRxWcMeHMdYwsflcd4YDI0PcxLime-SYcaTkd9HuAcv847jXClPkayFTJ-PaoXLBqDHU9A-e7CaZeLt1FC8T1Loq_RBsF2NNBM
x-proxy-origin
96.9.249.34; 96.9.249.34; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BBA9 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyaNDdxgpgOeSsS0bzzUJpsMeGfJsov8qBDKGKSKv5URdZ19d7oyx_8PmYjkrbFlW7jqPOk4Gi
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cksync
cs.media.net/ Frame 81E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ1NTYwNDc2NjYzMzg0MzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPK-jXUsMNYhKT1rLY4--aE&google_cver=1
53 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPK-jXUsMNYhKT1rLY4--aE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Dec 2023 13:01:17 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPK-jXUsMNYhKT1rLY4--aE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 7438 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:09:47 GMT
age
100290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:09:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7438 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:34:33 GMT
age
98804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:34:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7438 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:34:08 GMT
age
98829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:34:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7438 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 09:07:17 GMT
age
100440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 09:07:17 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7438 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 15:28:05 GMT
age
77592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 15:28:05 GMT
css
fonts.googleapis.com/ Frame 7438 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:40:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 13:01:17 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7438 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 14:47:41 GMT
x-content-type-options
nosniff
server
cafe
age
80016
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Thu, 14 Dec 2023 14:47:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7438 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 02:42:36 GMT
x-content-type-options
nosniff
server
cafe
age
37121
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 02:42:36 GMT
l
www.google.com/ads/measurement/ Frame 7438 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6h4HiwnPdKHcFylPq1ORjpSEeF7W5mbvD8hLx03e6fs2ACffKoVh-W7Q6xoRsWjGN6MErRBzPMsL8JKElOwCBlLgWiw
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/2910521599688291773/ Frame 7438 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2910521599688291773/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c11bd8b40121ede8f319c93a3d2c05e8734e5727005b5cf0f56415ba7f2e2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:59:10 GMT
x-content-type-options
nosniff
age
511327
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1673
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 12:05:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 14:59:10 GMT
truncated
/ Frame 7438 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70497ea3c36a2d29569f8853a6211684f3e63cc821f72ee7e1bead6c0b811a75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7438 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://seufinanciamento.99carsforsale.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:27:28 GMT
x-content-type-options
nosniff
age
585229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 18:27:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7438
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Thu, 14 Dec 2023 13:01:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7438 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYVBVnPx6Zd3iIqnLo9kPtcODmA6WkvmgdIzyu-yFEqSIhZ4LEAEgten5SmDJ7o6LwKSMEKABqsDC7inIAQHgAgCoAwHIAwqqBJsCT9AmQNgLp8hP9edmJJ5PK5qfdzsiTghVEULL7YoglZKXQyNIWxxywGTACyYRfLkARIiwvQev20TJZAIQ9i6gVnDEc9fRvkL_LgDa8mXYwr0vS1aJ6NdwGfEMHDtatRWOpxe8GanvharIif3kzhd3gTEFBA-9JXkkILd_vOFaq-87CacZe2kxSbVegKV5D7NSd6ylNVEN1ICAcc5yhaGOvKYdG_Jcx0TcwQsUhcKZlFy3W6yydAQvo7tMQV7qg5ZZePh3Oou6LI5CIfJDzAghr7K6Coq9SAoybEpe-WTrNpralyrh1VvsD52cjpwjqazE-0bLCUZVNAQfOAaKnFZRrf48kJJbLmxMgM9amchsfVCkk6pBeE8r9LzRG8AEzbWj2L0E4AQBiAWE8fWuTZIFBAgEGAGSBQQIBRgEgAeHvKSXA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEK6sLNIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY_KPrh_6OgwOaCeoDaHR0cHM6Ly9vcHRpb25pc2guY29tL2FydGljbGUvdW5sb2NraW5nLXRoZS1wb3dlci1vZi1nb29nbGUtYWR2ZXJ0aXNpbmctc2VydmljZS1hZHMtYS1jb21wcmVoZW5zaXZlLWd1aWRlP3F1ZXJ5PXNldHVwK0dvb2dsZStBZHZlcnRpc2luZytTZXJ2aWNlK0FkcyZ1dG1fc291cmNlPWdvb2dsZXMmcF9pZD02MzQ0JmNfaWQ9MjA3Njc5MzA1MDAmYV9pZD0xNTM5OTg2NDU5NjUmdXRtX2NvbnRlbnQ9c2V0dXArR29vZ2xlK0FkdmVydGlzaW5nK1NlcnZpY2UrQWRzJnBsPTkwMDU1MzImdXRtX3Rlcm09U2V0dXArR29vZ2xlK0FkdmVydGlzaW5nK1NlcnZpY2UrQWRzLEdvb2dsZStQcm9mZXNzaW9uYWwrQWRzK1NlcnZpY2VzLEdvb2dsZStQUEMrQ2FtcGFpZ24rTWFuYWdlbWVudCtTZXJ2aWNlcyxHb29nbGUrUHJvZmVzc2lvbmFsK0Fkd29yZHMrQWR2ZXJ0aXNpbmcrU2VydmljZXMsTXVzdC10cnkrUHJvZmVzc2lvbmFsK0dvb2dsZStBZHMrU2VydmljZStTdHJhdGVneYAKA8gLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2gwQCgoQkICVlIfTw4lUEgIBA-INEwj51euH_o6DAxWp5SgFHbXhAOPYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItOTQzOTEwNjIwNTU4Nzk3Nhjel2k&sigh=na8yhmRKIv0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_0G9KTMQOP-rDp_Fqqkd6i7DMSMrXBZBv5dQwsUrB-SLhiu5_GTGZym4mXWFZ97HHNtfY8hXEGAE&template_id=5001&cbvp=2
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ads.
fundingchoicesmessages.google.com/f/AGSKWxVTtTcUqQLMXBqnSlqmswuGjeHfTawkdxSGPAJhQ9hrr51rhA8XsUtmLaENzv8rmG_xJnFyQt4TriS8HtQR2C9gyXTa-chXx5biZFiPJJdEQYYcjM9pAEx54RJ82LC4ovUEoltkms_inmLbImrbfMH473Tcp... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVTtTcUqQLMXBqnSlqmswuGjeHfTawkdxSGPAJhQ9hrr51rhA8XsUtmLaENzv8rmG_xJnFyQt4TriS8HtQR2C9gyXTa-chXx5biZFiPJJdEQYYcjM9pAEx54RJ82LC4ovUEoltkms_inmLbImrbfMH473TcpHrTwI8qM5UcdyRUUC1kZawm-lDwTdeZ/__ad_zone__120x240_/468x280..net/vghd_/geo/ads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyNreoDFLSym4fIlcqYY32kVmLO6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb962fd24d9d425933477085177610c42bc87a45c16d83119013e7f989d77544
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SaXX9hMhpFevZbq8ADn9iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-SaXX9hMhpFevZbq8ADn9iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyNreoDFLSym4fIlcqYY32kVmLO6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24502
x-xss-protection
0
server
cafe
etag
8172479049841164170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:07:43 GMT
AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lQuQRkjmX-iZLW1QpKbk7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-lQuQRkjmX-iZLW1QpKbk7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3k2s8gPf-e-o6YWWf9gA5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3k2s8gPf-e-o6YWWf9gA5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lq57lheo&ctx=0&met.9=1.qg~2.ub
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c10::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cjyN9DGzJBeTFbQ2-EW22A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cjyN9DGzJBeTFbQ2-EW22A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWm64abqzIxCjgcPM3Od1x0Uh8qZC5W_DbmpoDMdX0cTzXGrDs3FpQSp40MQQIGeBB3XgpmdDHuslANkDhB-98a4OQvl_MBy7Qx8-GSAFAf2Zo1h32itWEAwuMYPfaV4GSjNlU3aQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--fCnKZT4fPbvR1a5yTpqcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
script-src 'report-sample' 'nonce--fCnKZT4fPbvR1a5yTpqcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWh_76FWnX8D5eNHawpDwkwmPeeE9KN_5WlWSpic-omCHHtUtF4FbNqePiWdcqzcZy_zi_VsUE0dSivGCyH-oHYBiPM1oHM6h0ZeJ_DEICoM5tU1JAbvvpRsKCd87M81N5KS0I8dQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWh_76FWnX8D5eNHawpDwkwmPeeE9KN_5WlWSpic-omCHHtUtF4FbNqePiWdcqzcZy_zi_VsUE0dSivGCyH-oHYBiPM1oHM6h0ZeJ_DEICoM5tU1JAbvvpRsKCd87M81N5KS0I8dQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTU4ODc3LDI5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zZXVmaW5hbmNpYW1lbnRvLjk5Y2Fyc2ZvcnNhbGUuY29tLyIsbnVsbCxbWzgsInd1UnJjZllsWWh3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51cab93ff5c15ff7c9650306e559fb19ea47d39cc3b29a00179ac284435890e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-opc_xz32a4Bb0_6VqUBayQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-opc_xz32a4Bb0_6VqUBayQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUgxSCyidDbCMVpQREyBsLHEEpA1MXe8vIe3HYmbeNVsID5WGaCEBezbQc0TQaMOCvyqC3ku787-axCZUok1xOxYv4Q4VhePHJ9pd26kqEftzC9P-RC50u7XIILQAIWAv-kj8bTCQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUgxSCyidDbCMVpQREyBsLHEEpA1MXe8vIe3HYmbeNVsID5WGaCEBezbQc0TQaMOCvyqC3ku787-axCZUok1xOxYv4Q4VhePHJ9pd26kqEftzC9P-RC50u7XIILQAIWAv-kj8bTCQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ccOZ6k5j92H0qbGQL1XX9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ccOZ6k5j92H0qbGQL1XX9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bql.php
akl-navvy.media.net/ Frame D2B9 		15 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://akl-navvy.media.net/bql.php?vgd_len=10121&&vgd_canary=0&vgd_l2type=scs_newfl&fp=Zn43mmkFKe9MhXr9cozCkx5wqrNx5k5UaujjqeRezD4_HOMjdjkJ2TUWQn2K2tYET9CMvmQzqaFnEPC-TKbblmSURMI_SeW7jxJxk3sihavXYbCIdN1Sl1_AA62dWnhy1Qgm5Q17RLY_VxsQFb3IBaqigcdjBEG0pKLpgjO0w4U%3D&cme=J1stAVunSJpkR4A1uh0gpCweAMDI2cMQWtS-npWZJ-EJ9W0q6MwUoZ1hmNhPmAuLSigShIJ8stO8hUEXM_-BTzJpSsLTjQUbd24PcJJvbI1wcHM-WHTq0xfCpGGnog7Pzzx7cMNdoDn5oIMeA4vInTOLy9_SqCIIRbMYqqYV5OhK3JMHv4ST2bDP4T-mPCqXfop3EMl4de-it64NkIXphuiv47ohKYSuNmO85uAhYm3596L1kcKHew%3D%3D%7C%7Ca0AmFUYXmD7Wy4ZhdQDhnd3MSpHciquNEUvtQX6xuk9HtwKr231Tt7v2aEXyA8B5RgwgBZkz7-M%3D%7Cxrl5Md8q4-_kAdi3Dp6CqadFGFVKMiswtoSAACIJ-4yC6CcAZUuRU7e3_J7PCAfVg-j9ddNiaYw%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CtW5S0FaBYxW9v1FtYWO8gLu5P02Rz7l1Utjya6MfxYUeL4WbkZ8RIM8701q5u2isVDO60pwizf78OYX26qjvHI3-wtOTzfckGkUIFrJw3QF44A3LZSP2ClkMdummNl6iYlRQmD0ajmrrCSGF5Brk76YbXkECXMnKs4MGlaONXRI28p02WC0-mtjuUZE0HUbqCxC34SCACGuh00M8wr5ae_cBb8rYvtEblv2-rUx33CnbOPdyZOdHVu5VdCi3PbovApXRKeBWd2djnI0kJWjh35FGCscDqKhxTqTKiHT_bfALDTbTK1DoZoRA6oxtpYsZ%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=ffoyxQJuO&kwd[]=Cars+for+%241500+Near+Me&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=1&kid[]=329961520&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D121323%7C13%3D0.2044%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D13923570%7Cps%3D0.888%7C1%3D4.81%7C2%3D9.59&ktd[]=275431952640&kwd[]=%24900+Cars+for+Sale&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=2&kid[]=329969988&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.1487%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D3157469%7Cps%3D0.888%7C1%3D2.56%7C2%3D6.64&ktd[]=275700388096&kwd[]=Impounded+Cars+for+Sale&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=3&kid[]=14831061&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.1333%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D1723679%7Cps%3D0.888%7C1%3D2.69%7C2%3D5.13&ktd[]=278921613568&kwd[]=2023+Chevrolet+Camaro+ZL1&kwt[]=381&kbc[]=1202591714&kwp[]=4&kid[]=329728983&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0008%7C8%3D121323%7C13%3D0.0832%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D1693501%7Cps%3D0.427%7C1%3D2.09%7C2%3D3.90&ktd[]=4504425083371776&kwd[]=Cheap+Cars+for+Sale+Near+Me&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=5&kid[]=326686791&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D121323%7C13%3D0.0896%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D2567290%7Cps%3D0.888%7C1%3D2.14%7C2%3D5.45&ktd[]=275700388096&kwd[]=List+of+SUV+Cars&kwt[]=381&kbc[]=1202591714&kwp[]=6&kid[]=329486504&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D121323%7C13%3D0.0872%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D1992468%7Cps%3D0.427%7C1%3D1.10%7C2%3D2.56&ktd[]=4504425083371776&kwd[]=Deals+on+Rental+Cars&kwt[]=381&kbc[]=1202591714&kwp[]=7&kid[]=7880527&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D121323%7C13%3D0.0839%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D2539686%7Cps%3D0.427%7C1%3D1.48%7C2%3D2.77&ktd[]=4503878548783360&kwd[]=Affordable+SUV+Cars+to+Lease&kwt[]=381&kbc[]=1202591714&kwp[]=8&kid[]=329698779&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.0940%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D1699249%7Cps%3D0.427%7C1%3D2.11%7C2%3D3.60&ktd[]=4503875327557888&kwd[]=2023+Chevrolet+Corvette&kwt[]=381&kbc[]=1202591714&kwp[]=9&kid[]=326811950&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0008%7C8%3D121323%7C13%3D0.0790%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D8925803%7Cps%3D0.427%7C1%3D2.03%7C2%3D4.02&ktd[]=4503875327557888&kwd[]=Best+SUVs+2023&kwt[]=381&kbc[]=1202591714&kwp[]=10&kid[]=329895016&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.0986%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D1690744%7Cps%3D0.427%7C1%3D1.87%7C2%3D3.60&ktd[]=4503875327557888&kwd[]=Cars+for+Sale+Under+%243000&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=11&kid[]=329945740&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D121323%7C13%3D0.0883%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D12792843%7Cps%3D0.888%7C1%3D2.70%7C2%3D4.23&ktd[]=275700388096&kwd[]=Used+Car+Deals&kwt[]=381&kbc[]=1202591714&kwp[]=12&kid[]=29521019&kbc2[]=3%3D0.35%7C4%3D2.95%7Cpmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D121323%7C13%3D0.0845%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D1693290%7Cps%3D0.427%7C1%3D1.90%7C2%3D3.89&ktd[]=22518273853751552&kwd[]=Repo+Cars+for+Sale&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=13&kid[]=24266835&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.0903%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D2304036%7Cps%3D0.888%7C1%3D2.10%7C2%3D4.09&ktd[]=275717165312&kwd[]=Best+Cars+to+Rent&kwt[]=381&kbc[]=1202591714&kwp[]=14&kid[]=329486479&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.0829%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D2%7Ciid%3D3958894%7Cps%3D0.427%7C1%3D1.44%7C2%3D2.77&ktd[]=4504425083371776&kwd[]=Which+Is+Best+SUV+to+Buy&kwt[]=381&kbc[]=1202591714&kwp[]=15&kid[]=329486510&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D121323%7C13%3D0.0754%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D3674291%7Cps%3D0.427%7C1%3D1.29%7C2%3D2.44&ktd[]=4503875327557888&kwd[]=Best+Used+Cars+to+Buy&kwt[]=381&kbc[]=1202591714&kwp[]=16&kid[]=3493398&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.0813%7C14%3D121408%7Cokt%3D381%7Cbdkt%3D381%7Cir%3D1%7Ciid%3D2669782%7Cps%3D0.427%7C1%3D1.69%7C2%3D3.14&ktd[]=4503875344335104&v=1&geo=43.12%7C-77.56&dlper=20&lper=100&lpid=&tsid=1886&hint=&cc=US&wsip=170774562&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Gxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU7Q771E&vi=1702558876840062863&vsid=3455604766633856&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L347-S347&vgd_imdtl=1&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_refdomain=99carsforsale.com&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca6a&vgd_nrrsf=scrr&vgd_cty=rochester&vgd_ifrmode=14&sttm=1702558876928&upk=1702558877.26051&hvsid=00001702558876928016112663383898&verid=3111299&sbdrId=196&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1702558876134308351&vgd_ecrid=1700080807684001024076800059500&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3455604766633856&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYvf.fF~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAufuH9A~8xLjMGvhAX.HX~xLjM7UNv9~xLjMLf1MGv9~Q7OvfiXFuHihfh~YzMGJwMGmmQ7v9.i~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvAW~L88Ex1vXh%2CXh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAufuH9F~L1Oev9.999%2C9~xLjMGvu.AF~ejfLMxLjMGv9~QYYMBLvAA.WiHW~xLjMjvu9~QjevfA.Ff~yN17vou9~GGvuiF~QYYMYxjv9.F~JLEYvf.fF~ejfLMxLjMUNv949~EQ8MNvW%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvHiif~LUJv9%2C9~1AEMGvuAA.i%2CWH.9A~QOvu~x8OvfV1Zjk%3D4TzwaPB6825~NejfLMGvuHf.Wi~G7OvffAiWuAAFHiAHA9u9W9WFFWHHFAAhf9AfXWiuuffXFuiAhFuF9Wf9HfFFiXiW9FiWWWfA9HXuHXHHFfhhiiAA9HHFhuFXAuiuFuWXF9~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHu.hu~%3DVvA9Fu~UGMxNvu~z7Qvuh~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~GwMQOvf9fAufuH9u~ONvW~ejfLMGvuAA.i~77vHiiu~eBMJ-Nv9.iH~QYYMG8Ovu.AF~e8QMQOvAAi~xLjMLEQMGvuH.uu~GwMNmv9~QmGdvf9H.Xf~ONfvu~eM1Qzvf9fhW~c0v.*Q1jJ.*~j1Q7v~NemyvuHf.Wi~e8QMxLjMGv9.X~ejfLM8MQOvf9fAufuAfA~e8QMxLjMjv9~J7vAf~ejfLM8MGv9.HX~e8QMGvf9u.A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvAAi~LkevHu.hu~jfLMGvu999~BLMGvufi%2C9~QYYMQOvf9fAufuH9u~L1OEv9.999%2C9~Q8OvhhAFWhHuH~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.iH~OfEMjvu9~NejfvuHf.Wi~AENkviii.if~myMYQwvu.Ah~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~LEQMGvWH.9A~xLjMQLEQMGvuH.u~LUBEv9.999%2C9~c0fv.*Q1jJ.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ovu.AF~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEvu.AF9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfiXFuHihfh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iH~EmQvu~1NM75EJvu~1OGjUvfiXFuHihfh~1YEvu~myG8Ovf.fF9~GkjLv9.9u9~Qx8Ov%3DK4b4ZO86oK36tlbl3GYgizyh0m~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjvu~QmGEv~-8OvKrtoExGofiFhFAXFHWFFiihu~w7Yjvu~QYYM1E8veu~8GNvu~zQlvuh~7yQvfX9-fX9%7CA99-fX9%7CA99-F99%7CA99-u9X9%7CAf9-H99%7CAf9-HW9%7CAAF-fW9%7CHuH-hAF%7CHW9-Af9%7CXW9-H99%7ChAF-HuH%7ChX9-f99%7ChX9-A99%7ChFW-u9fH%7CiA9-uW9%7Cih9-fX9%7Cu9fH-hFW~GQGv9~GQEv9~7Y-vfAF&vgd_bhv_kbb=1&vgd_cfud=230612&vgd_scsver=296&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgde_ydata=18%25ArNz~duh%25Aru&vgd_l1cdv=1130&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001702558876928016112663383898&rc=0&rand=1702558877450&acid=eb4fe88d50db1a6b372c4df9d1d44b3d&matm=1702558877450&vgd_ltimesrc=1&vgd_ltime=778&vgd_rtime=776&vgd_etm=13&vgd_l1hcsd=Ss1v0%7C8298&vgd_tcf_cmp=1&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6582&vgd_pgid=p01955247145t202312141301&vgd_csip=rtb-appnexus-7dc74fbddc-spv6c.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CDIV-creative%7CDIV-card%7CDIV-ad_position_box%7CBODY&vgd_crefurl=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vgd_eadm=1&vgd_matchstr=hr%3D1%7C&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3195&&kkdd=*u%7Cu%7CnH9*A3&87=RHXbzzeeH.eAXX.be.4&VImZ=X&Scmp=X&-I8=RR4X&Uc-W=04AH&-7I=eDOH!HHRY&-m-I=!-LVty1hNPY1ERNN5ZZP-f%3D%3D&-Z7I=HH4.eHARA&c7vW=RXbAyH.e&--=Oq&c-=g0&-2sS=cSSNS7VZpU7tsNUWcU&m7I=ei_*Al)H(&Um7I=9PzA.qQ&2UUmc=R&ZZZ=Uv*520-J505HYIa3fAqPNxP-*lBX)t35!02)tItaDh4FnPt-_FSDA6mZ9X(Of.!l&dfZx=2UUmc%3A%2F%2FcWhx7sps-7pSWsUtuQQ-pZcxtZcpJWu-tS&WdfZx=fHHY!%3Aqq!PydevRv(eRkPvHSu77(R0!dS0!RaPu(Sk&scW=z&Jf=R&hVI=A&pIUR=eDOOQPMer&pIUb=RR.bRRXQR&nIpUp=cIb%3DshJJj7hZJNJ%3DRXjtVWZmS%3Dbub.jItSNn%3DXuz4jc-I%3DsEjZpW%3DX%2CXjItSNJ%3DbXj8JbZNcI%3DbXb4RbRAX4j7hZJNn%3DH4zuAzjhZJNUd-%3DXjhZJNZbpNn%3DXjcUI%3DbQz.RAQHbHjSsNnW2NnttcU%3DXuQjZpU%3DXuXXX%2CXj7m%3DRQPA9ipnmDda7R8DgnOzvbjxnn%3DRzjn2N7S%3D4ejZ77mhp%3DzH%2CzHjZ-%3DRjZ7ch7I%3DX%2CXjZmcNcI%3DbXb4RbRAX.jZpI8%3DXuXXX%2CXjhZJNn%3DRu4.j8JbZNhZJNn%3DXjcSSNfZ%3D44ueQAejhZJNJ%3DRXjcJ8%3Db4u.bjV-pU%3D5RXjnn%3DRQ.jcSSNShJ%3DXu.jWZmS%3Dbub.j8JbZNhZJNd-%3DXYXjmc7N-%3De%2C4%2CX%2CX%2CX%2CX%2CX%2CXjnS%3DRjmc7NI%3DAQQbjZdW%3DX%2CXjp4mNn%3DR44uQ%2CeAuX4jcI%3DRjh7I%3Dbgp6JxDY0s2_OfP7FEj-8JbZNn%3DRAbueQjnUI%3Dbb4QeR44.AQ4A4XRXeXe..eAA.44HbX4bzeQRRbbz.RQ4H.R.XebXAb..QzQeX.Qeeeb4XAzRAzAA.bHHQQ44XAA.HR.z4RQR.Rez.Xjh7S%3DXjZdU%3DXuXXX%2CXjtVIbmNn%3DXuQejcc%3D(Tj--%3DOqjdnNIJ%3DmUjh7f%3D5Rj-W%3DXjZ-8%3DARuHRjDg%3D4X.RjdnNh-%3DRjsUc%3DRHjdnNhJ%3DmUjdnN--dc%3DXj-U%3DnhxxpJtjnccNB9)%3D(T%2C(Tjnpc7cb%3DRQ.jnpc7cR%3DRQ.jdnNUU%3DXjn2NcI%3DbXb4RbRAXRjI-%3Dej8JbZNn%3DR44uQjUU%3DAQQRj8fNWy-%3DXuQAjcSSNn7I%3DRu4.j87cNcI%3D44QjhZJNZmcNn%3DRAuRRjn2N-t%3DXjctna%3DbXAuzbjI-b%3DRj8Npcs%3DbXbHej3i%3DuCcpJWuCjJpcU%3Dj-8tV%3DRAbueQj87cNhZJNn%3DXuzj8JbZN7NcI%3DbXb4RbR4b4j87cNhZJNJ%3DXjWU%3D4bj8JbZN7Nn%3DXuAzj87cNn%3DbXRu4j8JbZNhZJN87%3DRY5R.jhZJNU87%3DXj88%3DXj-8JbZNcI%3D44QjZx8%3DARuHRjJbZNn%3DRXXXjfZNn%3DRbQ%2CXjcSSNcI%3DbXb4RbRAXRjZpIm%3DXuXXX%2CXjc7I%3DHH4.eHARAjhZJNZmcNd-%3DXjdnNcZ-%3Ddnnj8fh%3DXuQAjIbmNJ%3DRXj-8Jb%3DRAbueQj4m-x%3DQQQuQbjtVNSc2%3DRu4HjISSNcUZV%3DcSSNS7VZpU7tsNUWcUjIbmNn%3DXuQQjZmcNn%3DeAuX4jhZJNcZmcNn%3DRAuRjZdfm%3DXuXXX%2CXj3ib%3DuCcpJWuCjZdfI%3DXuXXX%2CXj7c*Wx%3DXjiM%3DXj7c7x%3DXjhZJNZm-Nn%3DXjn7I%3DRu4.jdnNmU%3DTZU7-JWjhZJNZmcNZ8%3DXj-nIm%3DRu4.XjcI%3DRj7UEmWN7I%3DRHjcWJJWZNUpVN7I%3DbQz.RAQHbHjchmmJENUpVN7I%3DjIWUW-UWINUpVN7I%3Dj87Wfpn7J7UE%3DXuQAjmtc%3DRjp-NUEmW%3DRjpInJd%3DbQz.RAQHbHjpSm%3DRjtVn7I%3Dbub.XjnxJZ%3DXuXRXjch7I%3DDTYqY6I7P5TkPovqvknS!QsVHitjIU-%3DWpcUNc-jISSNWZmS%3DxpJcWjISS%3DcSSNS7VZpU7tsNUWcUjnIm-pmI%3DXjIpJV%3DcSSj7scJ%3DRjctnm%3Djy7I%3DTwo5mhn5bQ.H.4z.Ae..QQHRj2USJ%3DRjcSSNpm7%3D8Rj7n-%3DRjscv%3DRHjUVc%3DbzXybzX%7C4XXybzX%7C4XXy.XX%7C4XXyRXzX%7C4bXyAXX%7C4bXyAeX%7C44.ybeX%7CARAyH4.%7CAeXy4bX%7CzeXyAXX%7CH4.yARA%7CHzXybXX%7CHzXy4XX%7CH.eyRXbA%7CQ4XyReX%7CQHXybzX%7CRXbAyH.ejncn%3DXjncm%3DXjUSy%3Db4.&sU8=X&SSS=.U)5r(hyz7O%3D&7f=X&7sgxZ=R&nIZgI=A.X&n7I=4AQQbR&S-x=H.zQb&EIcmZ=R&npW=1yWVvvp(yA&dpUmZW=R&-pItSp7s=Uv*520-J505rq2(Ab5hhxIsz_o2b7DX(.LI4bEAgq-al_raNdEatvV%3D%3D&EmJm=R&7c7I=z&pI8=gs8WcUtZ%20Mt-hc&ccS-ZN8WZ=z&mV7I=mXRQzzbAHRAzUbXb4RbRAR4XR&ccJI=%7B%22cc7m%22%3A%22b.Xb%3Axx-e%3AXXXb%3AXXXX%3AXXXX%3AXXXX%3AXXXX%3AXXXX%22%2C%22cc--%22%3A%22Oq%22%2C%22ccc-%22%3A%22(k%22%2C%22cc-UE%22%3A%22nhxxpJt%22%7D&2USJcZ-=R&sflct=8451290&U-xN-Sm=R&ure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
via
1.1 google
strict-transport-security
max-age=63072000
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Tue, 12 Dec 2023 19:55:50 GMT
container.html
37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6CAA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:01:16 GMT
expires
Fri, 13 Dec 2024 13:01:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6CAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcdDjnPx6ZfujOOuZo9kPk9GtgAu-laSvbPfa0tOsDMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTk0MzkxMDYyMDU1ODc5NzbIAQngAgCoAwHIAwKqBIQCT9AQI6RCKNc3KZ4ORbIhmoAB8LJqPlzflpqZbz8xpRaXlc7IrukXuYzM1sSPr0yZSJp0ErIzp9Dr9BOSkTUGocsWwFFryyxy2uhEPPDPjgqdBc-Hj4iRnsymX-KifmWYPatmAlpRqmXeYJveM5T5jcOzRDgTqSh7zhMaGV_snlzvveAvnVFyrP6jdoFX64xzmjiw6tOSRjXgiORPr33U8f7Fguh1glh4ef6UraISydwcdG_LiaI1qB423QohUHyGwKcYMEMLZ5IFRs0Cti8rSPeDD9l9QwaXkMOUaftJrh9qEDo1FA6Nw5krN4CWgBDA4Op58yDvt8L0ysQ2y6AJkLU8McDgBAGABtm_y7TJ2PXCaKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS-uuH_o6DA4AKAfoLAggBgAwB4g0TCOWs7If-joMDFevMKAUdk2gLsNAVAYAXAbIXHAoaEhRwdWItOTQzOTEwNjIwNTU4Nzk3Nhjel2k&sigh=sHtjtTF_HKs&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_vfVUbXTCInSIYyMe_XscBsL-ZeQQ2URyJOYJDGrSwNXDXS3sY1t3OIALncKwMpnTpMeav_66GAE
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
log
hblg.media.net/ Frame 6CAA 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAASjkwNTkyNTcxMTI3N18xODkwMDEzNjQzXzExNjIxMTA5MTQ2MDFAZGI0MTA0MDJhMjcwN2NhNGJiZGVlZjUxOGVjZTdkMDaYB83MzMzMzOw_VGh0dHBzOi8vc2V1ZmluYW5jaWFtZW50by45OWNhcnNmb3JzYWxlLmNvbQRVUwDoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2RHNldWZpbmFuY2lhbWVudG8uOTljYXJzZm9yc2FsZS5jb20SOENVVTlKRjhICA4zMzZ4MjgwCjAuMzI0DmVhc3Rfc2MGQURYCAhudXJsAAAAAAAAAFVA7JbWho1jAjEAAAAAAADwv0BydGItYXBwbmV4dXMtN2RjNzRmYmRkYy1zcDg0OC5TQz4xNzAwMDgwODA3Njg0MDAwMzM2MDI4MDAwMDU5NTAwAhA2YzgxN2Y5ZgJkAg
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Dec 2023 13:01:17 GMT
log
qsearch-a.akamaihd.net/ Frame 6CAA 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=db410402a2707ca4bbdeef518ece7d06&algo=default&bdp=0.9000&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=116211091&ct=buffalo&dc=east_sc&dfpbd=0.3240&dn=seufinanciamento.99carsforsale.com&iwb=1&ogcbdp=0.9000&other_bids=0.9&other_prv=460&pbshr=100.0000&prdp=0.3240&requrl=seufinanciamento.99carsforsale.com%2F&sat=1&sc=NY&sc_pvid=460&send_erpm=true&server=1&size=336x280&strg=harmony&totalTime=4839909&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2023-12-14%2013%3A01%3A17&seat=BID_API&itype=adx&req_id=Okc0oTeph0r4W_9Bhi-i1w&dfp_bucket=0.3&level_base=0&bdp_bucket=1.0&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.109%20Safari%2F537.36&br_ver=120.0.6099.109&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_1-cid_0&ogerpm=0.9000&ogerpm_used=false&rawbid=0.9000&totalTimeBucket=4&as_cache=1&sub_bidder=196&current_day=4.0&current_hour=12&cut=64&floor_bucket=0.00&model_version=202312131802_generic_adx_1-cid_0&erpm_bucket=1.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8400&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&predicted_wr=56.9767&bdp_wider_bucket=1&adblk=73542141&dim10=false&dmm_m9=0.0000&log_less=true&cut_bkt=65&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-7dc74fbddc-sp848.SC&dmm_m1=2023-12-14%2013%3A01%3A17.112342482&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.9000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807684000336028000059500&erpm_mult=1.000000&zone=d&rc=-1&ecp_p50=3.646705584374735&ecp_p75=7.272213082147544&ecp_avg=0.02&ecp_status=Success&ecp_used=q05&ecp_rtime=1603.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-64f849678b-k6jlb&rel_cut_bkt=65&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=1.9431512605407282&ecp_p60=4.714443261351789&ecp_p70=6.202748547239967&ecp_p80=8.803016307324146&ecp_p85=11.121755705315598&ecp_p90=15.359488924129925&ecp_p95=27.680834345273738&ecp_p99=94.61068091793322&optimal_cut=0.0&cut_cluster=0.0
Requested by
Host: seufinanciamento.99carsforsale.com
URL: https://seufinanciamento.99carsforsale.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.4.155 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-4-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:01:17 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 14 Dec 2023 13:01:17 GMT
nmedianet.js
contextual.media.net/ Frame 6CAA 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d24c9c0f0a1695c98f172ae2a2be1add7b170f1205f1a4e4c87fdc487febd2e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-mnt-h
22-s1v0
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 14 Dec 2023 13:01:17 GMT
server
Apache
etag
"ea68222702e5bfd953e5d70b51e66ba3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
38736
expires
Thu, 14 Dec 2023 13:06:17 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 6CAA 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 14 Dec 2023 13:01:17 GMT
x-guploader-uploadid
ABPtcPo5Vei9sOmLBvFL0QA5JkYOIs0tPNaY2-23OajAozrU4-eg8mIO0T8S57pTPcV0tQ1h8nY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 14 Dec 2023 14:01:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6CAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 15:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
78646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 15:10:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6CAA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 15:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
78648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 15:10:29 GMT
l
www.google.com/ads/measurement/ Frame 6CAA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8U2caFzr_VJreFah_SZfcCGYlpl-DgnGMm5kZjTaW-jTSjx2pmsYzMtE1iYX4timi6WTVpu5pPK4-0q2ftX80O-NfJQ
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6CAA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 21:07:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
143611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 21:07:46 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6CAA 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:01:18 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 6CAA 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.150.66 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-150-66.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
9e5f93f14d46d083005f3807479570e6c957c151f77dcf18dd89cd6156105275

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:01:17 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Thu, 14 Dec 2023 13:06:17 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 9C08 		79 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c106788c8f2a410a48d49d4e0b7e689c16a8193759c27f83d3950f9f23e653ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31735
content-type
text/html
date
Thu, 14 Dec 2023 13:01:18 GMT
expires
Thu, 14 Dec 2023 13:01:18 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-lahh
bping.php
lg3.media.net/ Frame 6CAA 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=3179&&vgd_cdv=1130&vgd_cage=1&vgd_tsce=L347&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=475646338&vi=1702558877854241908&ugd=4&lf=6&cc=US&sc=IL&vsid=3455604766633856&lper=100&wsip=170785052&r=1702558877891&rrr=tzR-hLcl-L-7EdjMw4SJ_fJcRVK0WoM-QLhWodojCu3ZbJocOZmC4GprT0NUw6QV&requrl=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.i~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAufuH9A~8xLjMGvhAX.HX~xLjM7UNv9~xLjMLf1MGv9~Q7OvhAXHfuHu~YzMGJwMGmmQ7v9.Wi~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvAW~L88Ex1vXh%2CXh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAufuH9F~L1Oev9.999%2C9~xLjMGvu.uX~ejfLMxLjMGv9~xLjMjvu9~QjevfA.Ff~yN17vou9~GGvuiF~JLEYv9.i~ejfLMxLjMUNv949~EQ8MNvi%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvHiif~LUJv9%2C9~1AEMGvuA.fA%2Cu9A.HW~QOvu~x8OvfV1ZY0gRRwj%2FGHbNjq~NejfLMGvH.fF~G7OvffAiWuAAFHiAXAuiXiWWXHiXfXiufuAhXAuhhifiAFuu9FXfWFfuWiWAWuihFHuX9FAhHXhWuuHhXXuuhFAfAhhuAhWXAHW99iXAAHH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHu.hu~%3DVvA9Fu~UGMxNvu~z7QvH~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~GwMQOvf9fAufuH9u~ONvW~ejfLMGvuA.fA~77vHiiu~eBMJ-Nv9.WH~e8QMQOvAAi~xLjMLEQMGvuH.uu~GwMNmv9~ONfvu~eM1Qzvf9fhW~c0v.*Q1jJ.*~j1Q7v~NemyvH.fF~e8QMxLjMGv9.X~ejfLM8MQOvf9fAufuAfA~e8QMxLjMjv9~J7vfW~ejfLM8MGv9.9X~e8QMGvhAf.9F~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvAAi~LkevHu.hu~jfLMGvu999~L1OEv9.999%2C9~Q8OvHhXFHFAAW~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.WH~OfEMjvu9~NejfvH.fF~AENkviii.Ah~myMYQwv9.AF~OYYMQ7Lyvw1LYmz5~OfEMGv9.ii~LEQMGvu9A.HW~xLjMQLEQMGvuH.u~LUBEv9.999%2C9~c0fv.*Q1jJ.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.i~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEv9.AfH~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvhAXHfuHu~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.WH~EmQvu~1NM75EJvu~1OGjUvhAXHfuHu~1YEvu~myG8Ov9.i99~GkjLv9.9u9~Qx8Ov%3DK4b4I%2FWhA6DU2kzoPDCM3VXjcm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~-8OvKrtoExGoiHAiu9Ff9XXWhihF~w7Yjvu~ONx7vFX~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.F9W9A9XuFu9ihWW~JNEMEu9vu.99hhWAWAWFAXhWiu~JNEMEuXvu.AAWfiuhFfiufF9FA~JNEMEf9vu.FfiFFXfHu9AFWiuX~JNEMEfXvu.iHAuXufF9XH9hfWf~JNEMEA9vf.fHh99FX9f9X9FfiH~JNEMEAXvf.XFXFWFh9HHiFfuhA~JNEMEH9vf.Wii9fhFfHffXuih~JNEMEHXvA.fXW9FAuHiiWA9XF~JNEMEX9vA.FHFh9XXWHAhHhAX~JNEMEXXvH.u999fiFiFi9hWh~JNEMEF9vH.huHHHAfFuAXuhWi~JNEMEFXvX.AFhAfAfu9iAWhiF~JNEMEh9vF.f9fhHWXHhfAiiFh~JNEMEhXvh.fhffuA9WfuHhXHH~JNEMEW9vW.W9A9uFA9hAfHuHF~JNEMEWXvuu.ufuhXXh9XAuXXiW~JNEMEi9vuX.AXiHWWifHufiifX~JNEMEiXvfh.FW9WAHAHXfhAhAW~JNEMEiiviH.Fu9FW9iuhiAAff~8GNvu~zQlvH~7yQvfX9-fX9%7CA99-fX9%7CAf9-u99%7CAAF-fW9~GQGv9~GQEv9~7Y-vfuF&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Gxkk1jm%22%7D&vgd_bid=349956&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1702558877172241915&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p01955247145t202312141301&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001702558877885016112663388146&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 14 Dec 2023 13:01:17 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Dec 2023 13:01:17 GMT
checksync.php
contextual.media.net/ Frame F06E 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8d76a6d198239cff30bb1bdb6e410a19e3170189ba9ec8e7eb79a70cfbf05bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9627
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:01:17 GMT
expires
Sat, 16 Dec 2023 13:01:17 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 6CAA 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6664&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=Okc0oTeph0r4W_9Bhi-i1w&vid=Okc0oTeph0r4W_9Bhi-i1w&dn=seufinanciamento.99carsforsale.com&rawDn=seufinanciamento.99carsforsale.com&requrl_dn=seufinanciamento.99carsforsale.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fseufinanciamento.99carsforsale.com&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=buffalo&zip=14202&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-7dc74fbddc-sp848.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=20278&sckfl=1&suid=CAESENV873JRkZfn-URK_YI5lMo&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm4z84hROF-tPAsc2_LGLdYNeUdiEHq16Y6xkRna05pdUnn15Fy-AX-JHFDrfBbUapPU&pexid=ADX-pub-9439106205587976&geoll=false&is_ortb=false&commit_id=6c817f9f&ocurr=USD&omul=1.0&currsrc=NEXUS&currsrc_date=2023-12-13+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=105&req_tid_present=false&pvid=460&prvAccId=475646338&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=905925711277_1890013643_1162110914601&size=336x280&chnl=HARMONY&bdp=0.900&bid_uuid=5568c45e4e088b19f04000b917983d6f&cbdp=0.324&og_cbdp=0.900&ogbdp=0.9&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.324&dsrc=-2&dp=0&dbf=1&epc=475646338&s=1&snm=SUCCESS&pcrid=8CU7Q771E-475646338-50-17&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=84&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1702558877110&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.9&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807684000336028000059500&strg=HARMONY&vls=0&scrid=1700080807684000336028000059500&mang=1&pvdTmax=216&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=250x250%7C300x250%7C320x100%7C336x280&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=e647832764&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23launchexp%3Atoken1%23%23bsNed%3AnoAdd%23%23ctx_canonical_exp%3ADEFAULT%23%23NedCkflWithData%3ADEFAULT%23%23prll_req%3ADEFAULT%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=db410402a2707ca4bbdeef518ece7d06&rtime=52.0&wsip=mowx-lite-64f849678b-k6jlb&ltime=59.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=73542141&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=db410402a2707ca4bbdeef518ece7d06_1&policy_enf=2&pub_blk_enf=1&req_size=300x250%7C336x280%7C320x100%7C250x250&renderer=1&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=Okc0oTeph0r4W_9Bhi-i1w_1&supplyTagId=73542141&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-12-14+13%3A01%3A17&__expireat=1702559477367&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.900&lo_cbdp=0.324&actltime=60&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.9~dom_b%3D0.53~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023121403~iurl_b%3D735.45~url_tkc%3D0~url_r2a_b%3D0~std%3D73542141~mn_beh_boost%3D0.89~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D14~bh_im%3D38~riipua%3D57%2C57~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023121406~radv%3D0.000%2C0~url_b%3D1.15~vl2r_url_b%3D0~url_l%3D10~slv%3D23.62~gcat%3D-10~bb%3D196~erpm%3D0.9~vl2r_url_kc%3D0E0~psi_c%3D9%2C3%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D4992~rke%3D0%2C0~a3p_b%3D13.23%2C103.48~sd%3D1~uid%3D2IaGmPQBBhlVb4SclH~cvl2r_b%3D4.26~btd%3D2239813364935319598854952591213753177929361106528621898381976415063745781147551176323771378534800953344~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rcv%3D41.71~CI%3D3061~kb_uc%3D1~nts%3D4~kb_ul%3Dpt~kb_ccks%3D0~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~kb_tt%3D0~bh_sd%3D2023121401~dc%3D8~vl2r_b%3D13.23~tt%3D4991~vw_exc%3D0.84~vis_sd%3D339~url_rps_b%3D14.11~bh_co%3D0~dc2%3D1~v_asn%3D20278~MP%3D.*sale.*~last%3D~cvog%3D4.26~vis_url_b%3D0.5~vl2r_i_sd%3D2023121323~vis_url_l%3D0~et%3D28~vl2r_i_b%3D0.05~vis_b%3D732.06~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D339~rfv%3D41.71~l2r_b%3D1000~radp%3D0.000%2C0~sid%3D475646338~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.84~d2p_l%3D10~cvl2%3D4.26~3pcf%3D999.37~og_msh%3D0.36~dmm_strg%3Dharmony~d2p_b%3D0.99~rps_b%3D103.48~url_srps_b%3D14.1~rkwp%3D0.000%2C0~MP2%3D.*sale.*~rkwd%3D0.000%2C0~isRef%3D0~PF%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.9~kb_pt%3DArticle~url_rps_rv%3D0~cbdp%3D0.324%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D73542141%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.84%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D73542141%7Eamp%3D1%7Eogbid%3D0.900%7Ebflr%3D0.010%7Esuid%3DCAESENV873JRkZfn-URK_YI5lMo%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Esobp%3D%7Exid%3DADX-pub-9439106205587976%7Ehtml%3D1%7Edcut%3D65%7Edogb%3D0-1%7Eecp_used%3Dq05%7Eecp_p05%3D0.608030516109788%7Eecp_p10%3D1.0077838386357891%7Eecp_p15%3D1.3382917629126063%7Eecp_p20%3D1.6296652410368915%7Eecp_p25%3D1.9431512605407282%7Eecp_p30%3D2.2470065020506294%7Eecp_p35%3D2.5656867044962173%7Eecp_p40%3D2.899027624225197%7Eecp_p45%3D3.258063149983056%7Eecp_p50%3D3.646705584374735%7Eecp_p55%3D4.10002969690787%7Eecp_p60%3D4.714443261351789%7Eecp_p65%3D5.367323210938796%7Eecp_p70%3D6.202748547239967%7Eecp_p75%3D7.272213082147544%7Eecp_p80%3D8.803016307324146%7Eecp_p85%3D11.121755705315598%7Eecp_p90%3D15.359488924129925%7Eecp_p95%3D27.680834345273738%7Eecp_p99%3D94.61068091793322~ibc%3D1~nsz%3D4~tgs%3D250x250%7C300x250%7C320x100%7C336x280~bsb%3D0~bsp%3D0~tmx%3D216&utime=797&sf=0&cpr=0.6441035283872676
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:17 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Dec 2023 13:01:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 24D8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
74391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 16:21:26 GMT
etag
48472445140208031
expires
Thu, 14 Dec 2023 16:21:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6CAA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac0bca0936bc00c47199d13edfdbb58b733cf1865f2f492388b76878c2948986

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 24D8 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDqo1OWHgPmcehaphAcIlvc&google_cver=1&google_push=AXcoOmQJBc5UW_S_S7c28YtZg1e7oxBYQMWDepGhbJvtV4f8iJT4NtrcsaYX_4q2D5N93DIqhgZHQds7F_coLTAUJJksMK939J7yyw4
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:2412:5a3c:977a:e751 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOU8yjWkg9NX8b2UqvVghlw&google_cver=1&google_push=AXcoOmRmwpiiMkRwqItk-o89NCJSW8nVMGsb3DPCLJ7NafzusEfp0Zt-VBp6Olu-k7XmwDL0cOfXV7RhgkYb-7r0WG...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTQ5ZWNlZTgtOTAyMi00NmFhLTk3MzEtZmY1NzdkZGYxOWMx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e49ecee8-9022-46aa-9731-ff577ddf19c1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTQ5ZWNlZTgtOTAyMi00NmFhLTk3MzEtZmY1NzdkZGYxOWMx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e49ecee8-9022-46aa-9731-ff577ddf19c1
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTQ5ZWNlZTgtOTAyMi00NmFhLTk3MzEtZmY1NzdkZGYxOWMx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e49ecee8-9022-46aa-9731-ff577ddf19c1
date
Thu, 14 Dec 2023 13:01:17 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECkvhfF23v3MOsE3W3Abtmk&google_cver=1&google_push=AXcoOmT-oOdDueT2CRsxFcpDiA97f8nLj-IxlaBRnuKjqe4FxI0i7ImqHoYCtNnFNc1nl6Qd0XQWw6nnQTn8iohD...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZFsifyJaS48-Pq0F5fnPZA&google_push=AXcoOmT-oOdDueT2CRsxFcpDiA97f8nLj-IxlaBRnuKjqe4FxI0i7ImqHoYCtNnFNc1nl6Qd0XQWw6nnQTn8iohDvqLen5-kZyS4Cw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZFsifyJaS48-Pq0F5fnPZA&google_push=AXcoOmT-oOdDueT2CRsxFcpDiA97f8nLj-IxlaBRnuKjqe4FxI0i7ImqHoYCtNnFNc1nl6Qd0XQWw6nnQTn8iohDvqLen5-kZyS4Cw
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Dec 2023 13:01:22 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZFsifyJaS48-Pq0F5fnPZA&google_push=AXcoOmT-oOdDueT2CRsxFcpDiA97f8nLj-IxlaBRnuKjqe4FxI0i7ImqHoYCtNnFNc1nl6Qd0XQWw6nnQTn8iohDvqLen5-kZyS4Cw
x-host
tde-deliveryengine-production-5945689648-df77x
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEN4RhjzfXY4xvSxkTraRgCM&google_cver=1&google_push=AXcoOmRxZqkrvxIbMi-AQTOIb8U2A8mYRFo1utLwIozMxk3zx74IHJNTS7zRVPTj_qNt7N0RfMNFHlTev5uZohaCc6rUXLk2O...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864656434753&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864656434753&us_privacy=1---
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864656434753&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGlvh2g3pgs09vMpDR8mfpE&google_cver=1&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7av...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGlvh2g3pgs09vMpDR8mfpE&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7av...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7avK1m075f2N2gv2N6SRQG&google_hm=MHV5UUl1bk9fR1Q1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7avK1m075f2N2gv2N6SRQG&google_hm=MHV5UUl1bk9fR1Q1aHZIN2hEYnQ=
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:01:18 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSPqbIf_tDAIJvTp5PpxxXZ1z7wxN7UgbFybRqgCFfQRi2G_cdof9W5s8o1YzYeF_9sy0OOYxa4MB7avK1m075f2N2gv2N6SRQG&google_hm=MHV5UUl1bk9fR1Q1aHZIN2hEYnQ=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
240
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGERjlF1bVXvDHLdkFZZLBU&google_cver=1&google_push=AXcoOmRiInN1oJlwA-zG-E_JjFz2xkQof1y-y8FDBEhOxV9yiuDPUe94o9PSegqOLbHfxKpIlml0reBE8WNb...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiInN1oJlwA-zG-E_JjFz2xkQof1y-y8FDBEhOxV9yiuDPUe94o9PSegqOLbHfxKpIlml0reBE8WNbXbOr9UNKIey8CcHHd0vs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiInN1oJlwA-zG-E_JjFz2xkQof1y-y8FDBEhOxV9yiuDPUe94o9PSegqOLbHfxKpIlml0reBE8WNbXbOr9UNKIey8CcHHd0vs
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiInN1oJlwA-zG-E_JjFz2xkQof1y-y8FDBEhOxV9yiuDPUe94o9PSegqOLbHfxKpIlml0reBE8WNbXbOr9UNKIey8CcHHd0vs
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESELa40RsLhtHP1AnuuPGkG_w&google_cver=1&google_push=AXcoOmTVfKDIk6SOEyMRMfUYFrSSc6-KsVMDvS-FkiPzNOr-lUHecRPkAXkPnZXwqsr...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTVfKDIk6SOEyMRMfUYFrSSc6-KsVMDvS-FkiPzNOr-lUHecRPkAXkPnZXwqsrSw4Z6AfdHfrPLFjepjkT1MLk-W9DpEV65Mf1aig
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTVfKDIk6SOEyMRMfUYFrSSc6-KsVMDvS-FkiPzNOr-lUHecRPkAXkPnZXwqsrSw4Z6AfdHfrPLFjepjkT1MLk-W9DpEV65Mf1aig
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
ac6f8e0.1553ee13
date
Thu, 14 Dec 2023 13:01:18 GMT
x-bytefaas-request-id
20231214130118B5D59C87C82D75EC9F73
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231214130118B5D59C87C82D75EC9F73-44FB88A3555337F2-00
x-cache
TCP_MISS from a23-222-12-13.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time
68,23.222.12.13
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=62, inner; dur=59
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231214130118B5D59C87C82D75EC9F73
x-cache-remote
TCP_MISS from a23-202-158-152.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTVfKDIk6SOEyMRMfUYFrSSc6-KsVMDvS-FkiPzNOr-lUHecRPkAXkPnZXwqsrSw4Z6AfdHfrPLFjepjkT1MLk-W9DpEV65Mf1aig
x-bytefaas-execution-duration
56.49
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01965e57ee8c82c6f229ae255f69314d2a565556d35ba1fca52e97c08805e7b3f49dc2f25c385f02aac119cea38404b61136e2da42cbc9aa175859286ac12ec44ad40455d22665baab35f37c76365d230ad275bd9bb89778e868e09cd5f2f404901b2178ea37508db7c4dbc0070246ee11
x-origin-response-time
62,23.202.158.152
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Thu, 14 Dec 2023 13:01:18 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 24D8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4haZATDOg0t8X1ILlFMeOxF2kmpITK2jpX4wpPWETMlYXqF5aHJy5zqfHxVJ7y4Lg6c3ZaA
Requested by
Host: 37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
URL: https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
55475bc0-27e8-4f10-954d-abcf89735409.jpg
contextual.media.net/kimg/new/140x110/2/52/193/101/ Frame 9C08 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/2/52/193/101/55475bc0-27e8-4f10-954d-abcf89735409.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7c6ab6f328dad4404608f4ed327afc241121aab29a44ca5f7820f743f16c998c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 01 Apr 2018 04:26:37 GMT
server
nginx
etag
"5ac05f7d-4297"
content-type
image/jpeg
accept-ranges
bytes
content-length
17047
truncated
/ Frame 9C08 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
4bbb4ffc-7cd7-44df-a7a9-f2f1109b8b49.jpg
contextual.media.net/kimg/new/140x110/2/50/11/191/ Frame 9C08 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/2/50/11/191/4bbb4ffc-7cd7-44df-a7a9-f2f1109b8b49.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1f55affd1947decfe6393a7d71a08b38eec9bcdddbab0edb7a98af48866d39af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 21 Mar 2018 04:09:07 GMT
server
nginx
etag
"5ab1dae3-3c69"
content-type
image/jpeg
accept-ranges
bytes
content-length
15465
9f45e30f-a16b-4046-96ac-586c06293a03.jpg
contextual.media.net/kimg/new/140x110/3/141/254/237/ Frame 9C08 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/3/141/254/237/9f45e30f-a16b-4046-96ac-586c06293a03.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
027ff0028cb639dc6260e4331078e9abfadaa30ac5ffe217e2d3632f2a76e3e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 18 Mar 2018 23:06:45 GMT
server
nginx
etag
"5aaef105-395b"
content-type
image/jpeg
accept-ranges
bytes
content-length
14683
ff9cfd0f-e9c6-444a-a247-d01dc1c01703.jpg
contextual.media.net/kimg/new/140x110/3/53/94/218/ Frame 9C08 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/3/53/94/218/ff9cfd0f-e9c6-444a-a247-d01dc1c01703.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2c5a81cb140acc1db33db1e292912d4506b6413c6e522d68803eb9ac900442fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 21 May 2022 15:20:52 GMT
server
nginx
etag
"62890354-3d0b"
content-type
image/jpeg
accept-ranges
bytes
content-length
15627
truncated
/ Frame 9C08 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9C08 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame 9C08 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25720
expires
Fri, 15 Dec 2023 13:01:18 GMT
bql.php
lg3.media.net/ Frame 9C08 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6669&&vgd_canary=0&vgd_l2type=scs_newfl&fp=xGJTLtCqN9TAwF7DaZ1NB5pzaGiFZFh6uiWbSL9LHBHlBSPRnof0L7LFGZE1URhdmfoxW8XEHtZpN8gOc6a3KEJMMLSTInTsl2LS3tI4-lKj1eXSoJQmpKYShKhGVkmQAkv655cYm8_YZfbusWmWpPN3u1xLazF295JS19-a8Ow%3D&cme=Hrh4FBD26HKTpJ-KNHVhXsMCWkvkqLRTZhbZUMce_DROTVBvM_bKf1Yb85Bv9DY9yyyyv8AxjX2jESW_zoXKZohE6qhkcTf6JG1-QwhyFfMlmEUtlO9NTzoJOYKPor9Hpu_rc8bWKcqwxFgoVgnyGJn35rWsAzxYWL4SUehUdeE1jbEfbNjWOzclhJCcI6lcDs5EhlgRBxQ6Ygkk_wS9Xcb2ShpyqbyNPqIGp4cfPAU%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7Wy4ZhdQDhnd3MSpHciquNEUvtQX6xuk9HtwKr231Tt7v2aEXyA8B5RgwgBZkz7-M%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CoOSjRjCfg2iX8raQ4dFx7CtkKG2TeM49Yuh1EnCCQrSB44fufwyIOk7YPv-6AxxwUhAJpa3l2sgulg41kL4gKUWuIkFYLAEO21kHKmeYl9KkyvguJoHIrq7a6Y5M8FpJOaHkpoyYR_D5BWfNndEcVrpWw82cJSL-A2PX9vh7K1k4K56NbTnvkvLU8WYW5N-uVEoRORQxCikC5EkgnKK-7FQ0PEt8_wIFsL_9kQlP_hm8O7mXOrf6WogUWKsK_dUISVHHZPWijkhaHgmjSL5w2IiDDp_OdkV0cofylhnze1DHQrtwWy0fqQ%3D%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=ffoyxQJuO&kwd[]=Cars+for+%241500+Near+Me&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=1&kid[]=329961520&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D121323%7C13%3D0.2438%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D2994309%7Cps%3D0.888%7C1%3D4.81%7C2%3D9.59&ktd[]=4503875327758592&kwd[]=%24900+Cars+for+Sale&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=2&kid[]=329969988&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.1908%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D3157463%7Cps%3D0.888%7C1%3D2.56%7C2%3D6.64&ktd[]=4503875327758592&kwd[]=Bank+Repo+Cars+for+Sale&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=3&kid[]=322142811&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D121323%7C13%3D0.1630%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D6731866%7Cps%3D0.888%7C1%3D2.17%7C2%3D4.20&ktd[]=4503875344535808&kwd[]=Impounded+Cars+for+Sale&kwt[]=475&kbc[]=a8c108effc9a3a91a640caceff019e2b.d2s&kwp[]=4&kid[]=14831061&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D121323%7C13%3D0.1494%7C14%3D121408%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D21775136%7Cps%3D0.888%7C1%3D2.69%7C2%3D5.13&ktd[]=275700388096&v=1&geo=43.12%7C-77.56&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=US&wsip=170774599&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Gxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU7Q771E&vi=1702558877854241908&vsid=3455604766633856&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L347-S347&vgd_imdtl=1&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca6a&vgd_nrrsf=scrr&vgd_cty=rochester&vgd_ifrmode=14&sttm=1702558877885&upk=1702558878.6459&hvsid=00001702558877885016112663388146&verid=3111299&sbdrId=196&vgd_vsidtv=000V10&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1702558877172241915&vgd_ecrid=1700080807684000336028000059500&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3455604766633856&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.i~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAufuH9A~8xLjMGvhAX.HX~xLjM7UNv9~xLjMLf1MGv9~Q7OvhAXHfuHu~YzMGJwMGmmQ7v9.Wi~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvAW~L88Ex1vXh%2CXh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAufuH9F~L1Oev9.999%2C9~xLjMGvu.uX~ejfLMxLjMGv9~xLjMjvu9~QjevfA.Ff~yN17vou9~GGvuiF~JLEYv9.i~ejfLMxLjMUNv949~EQ8MNvi%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvHiif~LUJv9%2C9~1AEMGvuA.fA%2Cu9A.HW~QOvu~x8OvfV1ZY0gRRwj%2FGHbNjq~NejfLMGvH.fF~G7OvffAiWuAAFHiAXAuiXiWWXHiXfXiufuAhXAuhhifiAFuu9FXfWFfuWiWAWuihFHuX9FAhHXhWuuHhXXuuhFAfAhhuAhWXAHW99iXAAHH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHu.hu~%3DVvA9Fu~UGMxNvu~z7QvH~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~GwMQOvf9fAufuH9u~ONvW~ejfLMGvuA.fA~77vHiiu~eBMJ-Nv9.WH~e8QMQOvAAi~xLjMLEQMGvuH.uu~GwMNmv9~ONfvu~eM1Qzvf9fhW~c0v.*Q1jJ.*~j1Q7v~NemyvH.fF~e8QMxLjMGv9.X~ejfLM8MQOvf9fAufuAfA~e8QMxLjMjv9~J7vfW~ejfLM8MGv9.9X~e8QMGvhAf.9F~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvAAi~LkevHu.hu~jfLMGvu999~L1OEv9.999%2C9~Q8OvHhXFHFAAW~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.WH~OfEMjvu9~NejfvH.fF~AENkviii.Ah~myMYQwv9.AF~OYYMQ7Lyvw1LYmz5~OfEMGv9.ii~LEQMGvu9A.HW~xLjMQLEQMGvuH.u~LUBEv9.999%2C9~c0fv.*Q1jJ.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.i~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEv9.AfH~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvhAXHfuHu~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.WH~EmQvu~1NM75EJvu~1OGjUvhAXHfuHu~1YEvu~myG8Ov9.i99~GkjLv9.9u9~Qx8Ov%3DK4b4I%2FWhA6DU2kzoPDCM3VXjcm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~-8OvKrtoExGoiHAiu9Ff9XXWhihF~w7Yjvu~ONx7vFX~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.F9W9A9XuFu9ihWW~JNEMEu9vu.99hhWAWAWFAXhWiu~JNEMEuXvu.AAWfiuhFfiufF9FA~JNEMEf9vu.FfiFFXfHu9AFWiuX~JNEMEfXvu.iHAuXufF9XH9hfWf~JNEMEA9vf.fHh99FX9f9X9FfiH~JNEMEAXvf.XFXFWFh9HHiFfuhA~JNEMEH9vf.Wii9fhFfHffXuih~JNEMEHXvA.fXW9FAuHiiWA9XF~JNEMEX9vA.FHFh9XXWHAhHhAX~JNEMEXXvH.u999fiFiFi9hWh~JNEMEF9vH.huHHHAfFuAXuhWi~JNEMEFXvX.AFhAfAfu9iAWhiF~JNEMEh9vF.f9fhHWXHhfAiiFh~JNEMEhXvh.fhffuA9WfuHhXHH~JNEMEW9vW.W9A9uFA9hAfHuHF~JNEMEWXvuu.ufuhXXh9XAuXXiW~JNEMEi9vuX.AXiHWWifHufiifX~JNEMEiXvfh.FW9WAHAHXfhAhAW~JNEMEiiviH.Fu9FW9iuhiAAff~8GNvu~zQlvH~7yQvfX9-fX9%7CA99-fX9%7CAf9-u99%7CAAF-fW9~GQGv9~GQEv9~7Y-vfuF&vgd_bhv_kbb=1&vgd_cfud=230323&vgd_scsver=296&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1130&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001702558877885016112663388146&rc=0&rand=1702558878187&acid=db410402a2707ca4bbdeef518ece7d06&matm=1702558878187&vgd_ltimesrc=1&vgd_ltime=394&vgd_rtime=392&vgd_etm=8&vgd_l1hcsd=Ss1v0%7C8298&vgd_tcf_cmp=1&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6895&vgd_pgid=p01955247145t202312141301&vgd_csip=rtb-appnexus-7dc74fbddc-sp848.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=37575&vgd_cntrdt=SF%7C37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3Dod%2C16%2Cg%2Chb%7Ccsh%3D1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3434&&kkdd=*H%7C3%7CAH9n*&En=zHh*66kkHHk6U*Uz~hk&)Sm(=h&icmA=h&JSE=zzuh&wcJ2=0uUH&JnS=k.OH!HHzY&JmJS=!J8)ly-g7tY-az775((tJs%3D%3D&J(nS=UH6KUKuuk&cnv2=uuKy*kh&JJ=Oq&cJ=L0&JZPi=Nj3CDf1&mnS=kpD3Ub4Hf&wmnS=9t6UKq~&Zwwmc=z&(((=wv35Z0Je505HYSxCsUqt7_tJ3bBh4lC5!0Z4lSlx.guITtlJDIi.UQm(9hfOsK!b&Pc2=6&es=z&g)S=U&ASwz=k.OO~tMkN&ASw*=zzK*zzh~z&TSAwA=cS*%3DPgeeVng(e7e%3DzhVl)2(mi%3DhX~VSli7T%3DhX6uVcJS%3DPaV(A2%3Dh%2ChVSli7e%3D*hVEe*(7cS%3D*h*uz*zUhuVng(e7T%3DHu6XU6Vg(e7wdJ%3DhVg(e7(*A7T%3DhVcwS%3DHu6U*zUzViP7T2Z7Tllcw%3DhXk~V(Aw%3DhXhhh%2ChVnm%3Dz~tU9pATm.dxnzE.LTO6v*V_TT%3DzUVTZ7ni%3DukV(nnmgA%3D6H%2C6HV(J%3DzV(ncgnS%3Dh%2ChV(mc7cS%3D*h*uz*zUhKV(ASE%3DhXhhh%2ChVg(e7T%3DzXz6VEe*(7g(e7T%3DhVg(e7e%3DzhVceE%3D*uXK*V)JAw%3D5zhVTT%3Dz~KV2(mi%3DhX~VEe*(7g(e7dJ%3DhYhVmcn7J%3D~%2Cu%2Ch%2Ch%2Ch%2Ch%2Ch%2ChVTi%3DzVmcn7S%3DU~~*V(d2%3Dh%2ChVAum7T%3DzuX*u%2CzhuXUkVcS%3DzVgnS%3D*LAQip!--ZebTUqJeNVJEe*(7T%3DUX*KVTwS%3D**u~kzuuKU~u6uz~6~kk6U~6*6~z*zuH6uzHH~*~uKzzhK6*kK*zk~kukz~HKUz6hKuHU6HkzzUH66zzHKu*uHHzuHk6uUkhh~6uuUUVgni%3DhV(dw%3DhXhhh%2ChVl)S*m7T%3DhX~kVcc%3DfjVJJ%3DOqVdT7Se%3DmwVgns%3D5zVJ2%3DhV(JE%3DUzXHzV.L%3DuhKzVdT7gJ%3DzVPwc%3DUVdT7ge%3DmwVdT7JJdc%3DhVJw%3DTg__AelVTcc7B94%3Dfj%2CfjVTAcnc*%3Dz~KVTAcncz%3Dz~KVdT7ww%3DhVTZ7cS%3D*h*uz*zUhzVSJ%3DkVEe*(7T%3DzuX*uVww%3DU~~zVEs72yJ%3DhXkUVEnc7cS%3Duu~Vg(e7(mc7T%3DzUXzzVTZ7Jl%3DhVSJ*%3DzVE7AcP%3D*h*HkVCp%3DXocAe2XoVeAcw%3DVJEl)%3DUX*KVEnc7g(e7T%3DhX6VEe*(7n7cS%3D*h*uz*zu*uVEnc7g(e7e%3DhV2w%3D*kVEe*(7n7T%3DhXh6VEnc7T%3DHu*XhKVEe*(7g(e7En%3DzY5zKVg(e7wEn%3DhVEE%3DhVJEe*(7cS%3Duu~V(_E%3DUzXHzVe*(7T%3DzhhhV(ASm%3DhXhhh%2ChVcnS%3DUH6KUKuukVg(e7(mc7dJ%3DhVdT7c(J%3DdTTVEsg%3DhXkUVS*m7e%3DzhVJEe*%3DUX*KVumJ_%3D~~~XuHVl)7icZ%3DhXuKVSii7cw()%3DZA(ilPaVS*m7T%3DhX~~V(mc7T%3DzhuXUkVg(e7c(mc7T%3DzUXzV(dsm%3DhXhhh%2ChVCp*%3DXocAe2XoV(dsS%3DhXhhh%2ChVnc32_%3DhVpM%3DhVncn_%3DhVg(e7(mJ7T%3DhVTnS%3DhX~VdT7mw%3Dj(wnJe2Vg(e7(mc7(E%3DhVJTSm%3DhXu*UVcS%3DzVnwam27nS%3DzHVc2ee2(7wA)7nS%3DHu6U*zUzVcgmmea7wA)7nS%3DVS2w2Jw2S7wA)7nS%3DVEn2sATnenwa%3DhXkUVmlc%3DzVAJ7wam2%3DzVASTed%3DHu6U*zUzVAim%3DzVl)TnS%3DhX~hhVT_e(%3DhXhzhVcgnS%3D.jYqYfbkHut3dI_P5O3B71L6eClVSwJ%3D2Acw7cJVSii72(mi%3D_Aec2VSii%3DZA(ilPaVTSmJAmS%3DhVSAe)%3DS2_AgewVclTm%3DVynS%3DjWF5mgT5~Uu~zhK*h66kH~HKVZwie%3DzVSJgw%3DK6VSl)T%3Dh5zV2Jm7gc2S%3D8h6V2Jm7mh6%3DhXKhkhuh6zKzh~HkkV2Jm7mzh%3DzXhhHHkukukKu6Hk~zV2Jm7mz6%3DzXuuk*~zHK*~z*KhKuV2Jm7m*h%3DzXK*~KK6*UzhuKk~z6V2Jm7m*6%3DzX~Uuz6z*Kh6UhH*k*V2Jm7muh%3D*X*UHhhK6h*h6hK*~UV2Jm7mu6%3D*X6K6KkKHhUU~K*zHuV2Jm7mUh%3D*Xk~~h*HK*U**6z~HV2Jm7mU6%3DuX*6khKuzU~~kuh6KV2Jm7m6h%3DuXKUKHh66kUuHUHu6V2Jm7m66%3DUXzhhh*~K~K~hHkHV2Jm7mKh%3DUXHzUUUu*Kzu6zHk~V2Jm7mK6%3D6XuKHu*u*zh~ukH~KV2Jm7mHh%3DKX*h*HUk6UH*u~~KHV2Jm7mH6%3DHX*H**zuhk*zUH6UUV2Jm7mkh%3DkXkhuhzKuhHu*UzUKV2Jm7mk6%3DzzXz*zH66Hh6uz66~kV2Jm7m~h%3Dz6Xu6~Ukk~*Uz*~~*6V2Jm7m~6%3D*HXKkhkuUuU6*HuHukV2Jm7m~~%3D~UXKzhKkh~zH~uu**VnTJ%3DzVPcv%3DUVw)c%3D*6hy*6h%7Cuhhy*6h%7Cu*hyzhh%7CuuKy*khVTcT%3DhVTcm%3DhVwiy%3D*zK&PwE=h&iii=AC.k.)~UUAae6bn5AQC(_C5kkgE1Ugd)(nCPljJiHDd%3D&ns=uuK&nPL_(=z&TS(LS=UKh&TnS=uU~~6K&iJ_=HK6~*&aScm(=z&TA2=-y2)vvAfyy&dAwm(2=z&JASliAnP=wv35Z0Je505NqZfU*5gg_SP6DFZ*n.hfK8Su*aULqJxbDNx7daxlv)%3D%3D&amem=z&ncnS=6&ASE=LPE2cwl(%20MlJgc&cciJ(7E2(=6&m)nS=mhz~66*UHzU6w*h*uz*zUzuhz&cceS=%7B%22ccnm%22%3A%22*Kh*%3A__Jk%3Ahhh*%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22ccJJ%22%3A%22Oq%22%2C%22cccJ%22%3A%22f1%22%2C%22ccJwa%22%3A%22Tg__Ael%22%7D&Zwiec(J=z&sflct=6211125&wJ_7Jim=z&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 14 Dec 2023 13:01:18 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Thu, 14 Dec 2023 13:01:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7438 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp7jXxnAY0v_aN3dvNH1LKYJpW0QKezXloixEh7ViinvTp0YEbOrWvW5xMv7KzG67L-BFZuqVgJxJfq9a3vZ8qGJnr2j19-YgEcgpkmi_N8_0klKvvX5KGU6JH6njGpsO8X7MC8Ou2hclF5qIi3D1Gh7ti&sai=AMfl-YSEXSweiH4Wbt37xxvlDWHNF3eyO9DVcW7aQn4oOOuIVQPaOqoN_Nwuem4wYXFdYGQwd5ZKwtaFRw2UfX_92iDl2f7NIiUonH6Te7kzwEM7dJNc8UPQON8GrmM&sig=Cg0ArKJSzIuVnzCiZ3-6EAE&cid=CAQSOwAvHhf_0G9KTMQOP-rDp_Fqqkd6i7DMSMrXBZBv5dQwsUrB-SLhiu5_GTGZym4mXWFZ97HHNtfY8hXEGAE&id=ampim&o=464,777&d=672,280&ss=1600,1200&bs=1600,1200&mcvt=1023&mtos=0,0,1023,1023,1023&tos=0,0,1023,0,0&tfs=116&tls=1139&g=51.07142925262451&h=100&tt=1139&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://seufinanciamento.99carsforsale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 6CAA 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGRiNDEwNDAyYTI3MDdjYTRiYmRlZWY1MThlY2U3ZDA2pvbpbpgHBFVTRHNldWZpbmFuY2lhbWVudG8uOTljYXJzZm9yc2FsZS5jb20SOENVVTlKRjhIAA4zMzZ4MjgwDmVhc3Rfc2MEMjMGQURYEjhQUjExM0pHQw5CSURfQVBJAAACMEBydGItYXBwbmV4dXMtN2RjNzRmYmRkYy1zcDg0OC5TQz4xNzAwMDgwODA3Njg0MDAwMzM2MDI4MDAwMDU5NTAwAjAAIgAQRVhDSEFOR0UCAmQ&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:18 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Dec 2023 13:01:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6CAA 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLHPKk5iicq2DodRqSfUYOTzAwPcvxOsenI1hOq0MatsrEPF70Sx_79fdGJyfuIqUB3lTXs3tOSE-bn0akEotOcUf7DCxJrl6dvxfl5rAAGp4FVNN8rKf8&sig=Cg0ArKJSzEyZmdcFTM12EAE&id=lidar2&mcvt=1000&p=305,632,589,968&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=73542141&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702558877752&rpt=603&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ Frame 6CAA 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3333&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_tsce=L347&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349956&vgd_cdv=1130&vgd_cage=1&vgd_rensize=336_280&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.i~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAufuH9A~8xLjMGvhAX.HX~xLjM7UNv9~xLjMLf1MGv9~Q7OvhAXHfuHu~YzMGJwMGmmQ7v9.Wi~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvAW~L88Ex1vXh%2CXh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAufuH9F~L1Oev9.999%2C9~xLjMGvu.uX~ejfLMxLjMGv9~xLjMjvu9~QjevfA.Ff~yN17vou9~GGvuiF~JLEYv9.i~ejfLMxLjMUNv949~EQ8MNvi%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvHiif~LUJv9%2C9~1AEMGvuA.fA%2Cu9A.HW~QOvu~x8OvfV1ZY0gRRwj%2FGHbNjq~NejfLMGvH.fF~G7OvffAiWuAAFHiAXAuiXiWWXHiXfXiufuAhXAuhhifiAFuu9FXfWFfuWiWAWuihFHuX9FAhHXhWuuHhXXuuhFAfAhhuAhWXAHW99iXAAHH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHu.hu~%3DVvA9Fu~UGMxNvu~z7QvH~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~GwMQOvf9fAufuH9u~ONvW~ejfLMGvuA.fA~77vHiiu~eBMJ-Nv9.WH~e8QMQOvAAi~xLjMLEQMGvuH.uu~GwMNmv9~ONfvu~eM1Qzvf9fhW~c0v.*Q1jJ.*~j1Q7v~NemyvH.fF~e8QMxLjMGv9.X~ejfLM8MQOvf9fAufuAfA~e8QMxLjMjv9~J7vfW~ejfLM8MGv9.9X~e8QMGvhAf.9F~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvAAi~LkevHu.hu~jfLMGvu999~L1OEv9.999%2C9~Q8OvHhXFHFAAW~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.WH~OfEMjvu9~NejfvH.fF~AENkviii.Ah~myMYQwv9.AF~OYYMQ7Lyvw1LYmz5~OfEMGv9.ii~LEQMGvu9A.HW~xLjMQLEQMGvuH.u~LUBEv9.999%2C9~c0fv.*Q1jJ.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.i~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEv9.AfH~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvhAXHfuHu~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.WH~EmQvu~1NM75EJvu~1OGjUvhAXHfuHu~1YEvu~myG8Ov9.i99~GkjLv9.9u9~Qx8Ov%3DK4b4I%2FWhA6DU2kzoPDCM3VXjcm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~-8OvKrtoExGoiHAiu9Ff9XXWhihF~w7Yjvu~ONx7vFX~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.F9W9A9XuFu9ihWW~JNEMEu9vu.99hhWAWAWFAXhWiu~JNEMEuXvu.AAWfiuhFfiufF9FA~JNEMEf9vu.FfiFFXfHu9AFWiuX~JNEMEfXvu.iHAuXufF9XH9hfWf~JNEMEA9vf.fHh99FX9f9X9FfiH~JNEMEAXvf.XFXFWFh9HHiFfuhA~JNEMEH9vf.Wii9fhFfHffXuih~JNEMEHXvA.fXW9FAuHiiWA9XF~JNEMEX9vA.FHFh9XXWHAhHhAX~JNEMEXXvH.u999fiFiFi9hWh~JNEMEF9vH.huHHHAfFuAXuhWi~JNEMEFXvX.AFhAfAfu9iAWhiF~JNEMEh9vF.f9fhHWXHhfAiiFh~JNEMEhXvh.fhffuA9WfuHhXHH~JNEMEW9vW.W9A9uFA9hAfHuHF~JNEMEWXvuu.ufuhXXh9XAuXXiW~JNEMEi9vuX.AXiHWWifHufiifX~JNEMEiXvfh.FW9WAHAHXfhAhAW~JNEMEiiviH.Fu9FW9iuhiAAff~8GNvu~zQlvH~7yQvfX9-fX9%7CA99-fX9%7CAf9-u99%7CAAF-fW9~GQGv9~GQEv9~7Y-vfuF&vgd_lbt=500&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=475646338&rrr=tzR-hLcl-L-7EdjMw4SJ_fJcRVK0WoM-QLhWodojCu3ZbJocOZmC4GprT0NUw6QV&requrl=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&vi=1702558877854241908&ugd=4&cc=US&sc=IL&bdrid=460&subBdr=196&startTime=1702558877881&l1ch=1&l1hcsd=l1!Ss1v0|8298&mmm=aMC8Cg944ayl5Vi-aGMrfM-88uvY4ukgriMnoAcm7Ok=&buid=349956&sttm=1702558877885&upk=1702558878.6459&hvsid=00001702558877885016112663388146&acid=db410402a2707ca4bbdeef518ece7d06&verid=3111299&vstrid=3455604766633856&vsidtv=000V10&infr=1&twna=1&dma=602&stime=1702558877805&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1702558877172241915&vgd_sc=IL&vgd_vsidv=10&vgd_ecrid=1700080807684000336028000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01955247145t202312141301&vgd_pgids=1&vgd_end=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 14 Dec 2023 13:01:19 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 14 Dec 2023 13:01:19 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TJK4NSZXBW&gtm=45je3bt0v9135192634&_p=1702558874665&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=844009142.1702558875&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1702558874&sct=1&seg=0&dl=https%3A%2F%2Fseufinanciamento.99carsforsale.com%2F&dt=Como%20Solicitar%20o%20Financiamento%20de%20Ve%C3%ADculos%20Santander&_s=2&tfd=7476
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJK4NSZXBW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://seufinanciamento.99carsforsale.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:01:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://seufinanciamento.99carsforsale.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| googletag string| idAnalytics string| PxGoogle string| idGoogle string| pixelCompletoGoogle string| NETWORK string| DOMAIN object| translations string| language string| adText function| createAdSlot function| addNoScriptPixelTag function| getUrlParameter string| tpx string| gpx string| fpx boolean| viewcontentFlg object| viewcontentAt boolean| unloadFlg object| unloadAt boolean| blurFlg object| blurAt boolean| visibilityFlg object| visibilityAt function| execPixel function| funcMonitor function| gtag function| gtag_report_conversion object| dataLayer object| sizeIds object| ggeac object| google_tag_data object| google_js_reporting_queue object| heatmap object| google_tag_manager object| GooglebQhCsO object| gaGlobal undefined| google_measure_js_timing object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmRjZmYxZTEwYzZkNGIwYWxvYWRlcl9qcw== string| NmRjZmYxZTEwYzZkNGIwYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| google_unique_id object| regeneratorRuntime object| ox_esp object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| google_srt object| _google_rum_ns_ undefined| google_rum_values boolean| 7e77b49d-8ec2-494a-a197-0c20fbe411a1

37 Cookies

Domain/Path Name / Value
seufinanciamento.99carsforsale.com/ Name: PHPSESSID
Value: 19f70154187120a32655ea46c10c1d3d
.99carsforsale.com/ Name: _gcl_au
Value: 1.1.398324879.1702558875
.99carsforsale.com/ Name: _ga
Value: GA1.1.844009142.1702558875
.99carsforsale.com/ Name: lotame_domain_check
Value: 99carsforsale.com
.openx.net/ Name: i
Value: 3116336b-67fc-4c51-a29b-9caf4d99e77f|1702558875
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2560f7b739e77f03663610e63782c70a
.99carsforsale.com/ Name: _cc_id
Value: 2560f7b739e77f03663610e63782c70a
.99carsforsale.com/ Name: panoramaId_expiry
Value: 1702645275646
.openx.net/ Name: pd
Value: v2|1702558875|vMgavPkWgy
.adsrvr.org/ Name: TDID
Value: e49ecee8-9022-46aa-9731-ff577ddf19c1
.yahoo.com/ Name: A3
Value: d=AQABBJv8emUCEIpAyn07tmnxDfKL7WsjavwFEgEBAQFOfGWEZQAAAAAA_eMAAA&S=AQAAAmWMhEggxNPaUEjY8dSL2uA
.openx.net/ Name: univ_id
Value: 537072971|e49ecee8-9022-46aa-9731-ff577ddf19c1|1702558876030730
.amazon-adsystem.com/ Name: ad-id
Value: AwjHlS6KgENkpUQAQkp_jOg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mediago.io/ Name: __mguid_
Value: f5ef61ca70076ecf288nbv00lq57lha2
.adnxs.com/ Name: uuid2
Value: 2258835454352092576
.tremorhub.com/ Name: tvid
Value: 19cd8cef46004d30a866e021631c5ac6
.tremorhub.com/ Name: tv_UIDF
Value: CAESEM5Bc0uMQxj79Z7RYJek3lE
.tremorhub.com/ Name: tvssa
Value: 1702558877146
.360yield.com/ Name: tuuid
Value: 3c954f9d-d4a6-4711-8de7-60d052290866
.360yield.com/ Name: tuuid_lu
Value: 1702558877
.dotomi.com/ Name: DotomiTest
Value: 3ce21414153e11fa
.media.net/ Name: data-g
Value: CAESEPK-jXUsMNYhKT1rLY4--aE~~6
.99carsforsale.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9ZBpx53ZcV0PRhNMEyRAmUxrd9ggEihA6ZzOS9KjuUx7F8la5N7BvLT97MJADL3GC6XzCRZjX_1M603x48h5TrBX9iy_OLBOvlylUMnSY6K1ELr3JDQM4WnCt3UCWZcoGxqjVqLFS9PDlisaLyqgK1QCzuTg%3D%3D%22%5D%5D
.media.net/ Name: visitor-id
Value: 3455604766633856000V10
.doubleclick.net/ Name: IDE
Value: AHWqTUkVEa7cAiPUs0sRE42kJZ6JGaaf1cYzLWR91zj14nhz8qMZazmH9nmmSlH_n_M
.99carsforsale.com/ Name: __gads
Value: ID=2548fe2595f1214d:T=1702558875:RT=1702558875:S=ALNI_MacI_XETyIq9NakrV4CwPBSNsywPA
.99carsforsale.com/ Name: __gpi
Value: UID=00000da96ce1056f:T=1702558875:RT=1702558875:S=ALNI_Ma_Ssm5KxWzv092P_p-DgSpmbT8fg
.99carsforsale.com/ Name: _ga_TJK4NSZXBW
Value: GS1.1.1702558874.1.0.1702558877.57.0.0
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIxuuPtdmrvjwQBRgFIAIoAjILCPaG0M7vq748EAU4AQ..
.acuityplatform.com/ Name: auid
Value: 864656434753
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhoNLE6EmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYaDSxOhI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTjRSaGp6ZlhZNHh2U3hrVHJhUmdDTfv7hnZlcnNpb27C+w=="
.zemanta.com/ Name: zuid
Value: 0uyQIunO_GT5hvH7hDbt
.quantserve.com/ Name: d
Value: EGYBCQHUKoEA
.quantserve.com/ Name: mc
Value: 657afc9e-33bca-e8352-fb3f7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37906674e3c00f42dbde182818fbaf0b.safeframe.googlesyndication.com
ads.travelaudience.com
akl-navvy.media.net
analytics.google.com
analytics.pangle-ads.com
b1sync.zemanta.com
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
gtrace.mediago.io
hblg.media.net
lg3.media.net
match.360yield.com
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
seufinanciamento.99carsforsale.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
u.heatmap.it
ums.acuityplatform.com
us-u.openx.net
us4.heatmap.it
warp.media.net
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.35.167
108.138.128.46
142.251.163.154
174.129.88.64
184.24.36.23
192.99.47.17
23.220.112.22
23.222.12.17
23.222.200.28
23.222.4.155
23.46.150.66
2600:1f18:4e9:5a02:d4c8:9f2:5a1a:543f
2600:1f18:612b:4280:bda1:9df6:36cc:93
2600:1f1c:a99:832c:2412:5a3c:977a:e751
2606:4700:3033::ac43:bbba
2606:4700::6811:180e
2606:ae80:1451:18::1690
2607:f8b0:4001:c10::78
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::8a
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::63
2620:100:a001::4
3.33.220.150
34.102.146.192
34.120.135.53
34.160.55.127
34.98.64.218
35.168.129.45
35.190.0.66
35.208.249.213
46.105.202.39
50.31.142.31
51.222.39.186
52.46.143.56
68.67.160.76
69.90.254.78
74.119.119.150
001f78c2467c70ae4535ffb900e9cb57d78c9cde1d7c816f44ec403d74f7cea4
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7
027ff0028cb639dc6260e4331078e9abfadaa30ac5ffe217e2d3632f2a76e3e1
02e8944ed774c3367114968f5198158e1a8c8576a30f240ca4be2c6ecf0f492d
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1f55affd1947decfe6393a7d71a08b38eec9bcdddbab0edb7a98af48866d39af
2c5a81cb140acc1db33db1e292912d4506b6413c6e522d68803eb9ac900442fd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
336b83b6821ec62bf8bd1b267f4a28af5dafe30d52340bd6b0e812d188317752
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3ae3e5bef1d65f47e1f785dbe997922d24717b6044ff01015cd4f13c38ebfdfc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51cab93ff5c15ff7c9650306e559fb19ea47d39cc3b29a00179ac284435890e1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
573b4a00fed1e3794d70b07a1975ac23f461da32cfc380cbd54f360705c5e135
5c2fba2d7412f1de1267dd5d2a7cf51c12ddb66f331c0d0650b6522051f00e71
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
671c8110727247e1e3959a84855028e25f92d2990ac3eda3f4e56a54a8caa587
6aef2146afb096d0893ba0f998ed101ec550d0d57666205dda86bfe4252007d7
6c11bd8b40121ede8f319c93a3d2c05e8734e5727005b5cf0f56415ba7f2e2af
6e75e61cb89124aa721b6f1a0cdacb0f09d005ee959433cb5943e4a2e9083291
70497ea3c36a2d29569f8853a6211684f3e63cc821f72ee7e1bead6c0b811a75
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7712878f8dfe04a0cf32b22e2513d87e115593b5826a4700cfb1ccb80797d397
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c6ab6f328dad4404608f4ed327afc241121aab29a44ca5f7820f743f16c998c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81e8ce3dda7a27bc17d1d6dafc7a111c05f0be6af3ced4d83f361503763b0c96
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d76a6d198239cff30bb1bdb6e410a19e3170189ba9ec8e7eb79a70cfbf05bdf
907efa73424cc1d827d3e5f6b2f6abef6ccc4c28098ed9fb53bc9d7ed463f955
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e5f93f14d46d083005f3807479570e6c957c151f77dcf18dd89cd6156105275
9ecba3e9cda1660fa2d97d12e8f6c47c71c12ec31fc9c006ec042ca4a270a247
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a80fbc70183ff8cc4638371b81515c18c2f7d839af151f1c5cf51d78cdc872df
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf995362435afad90dbf3f8cb9228187564bc2c3d51e0166fca2332bdbedb42
ac0bca0936bc00c47199d13edfdbb58b733cf1865f2f492388b76878c2948986
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b277d2c18d6066d37e4f5a8a20b111b221e9d335b06cc9ea372c60b8bf5ca937
b5399d6eaf6df1955dfdbdf008306492e4ce431c24a941e6c463a71453abb589
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bb679eef978598a07c0e39e3bdb2ca9b1f7a4346dc3bcddbfa78e149572b2977
c106788c8f2a410a48d49d4e0b7e689c16a8193759c27f83d3950f9f23e653ce
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cb962fd24d9d425933477085177610c42bc87a45c16d83119013e7f989d77544
d24c9c0f0a1695c98f172ae2a2be1add7b170f1205f1a4e4c87fdc487febd2e6
d8e85fcc74853acfd1e3667ce582bff9aa13e8495474415739b17636a8da2386
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58210f82e88fae38dcf2785ef1ffe20ef9e6feea15980b17f1d5774e507e6f9
e75f88d23a7114a1c18fafbda05d937826a94102cc62ec4667bcddb7c78c5106
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27469d16bc671ff448fa2970a097a12f0b4ea03629edd7c95245b54b19a29cd
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f712cf0fe79b235265b9b898f2e4464d921937ab29e1475b23c8a7cb8d4024af
f91dcfa378602e00e832b51a10309da918a4f8ce5900cc55e04be598d779f498