smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smils.com.br/
Effective URL:
http://smiles.iclou.com.br/
Submission: On March 03 via api (March 3rd 2023, 6:02:33 pm UTC) from US — Scanned from DE

Summary HTTP 211 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 31 domains to perform 211 HTTP transactions. The main IP is 5.161.90.154, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is smiles.iclou.com.br.

This is the only time smiles.iclou.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	5.161.90.154 5.161.90.154	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	13.58.124.244 13.58.124.244	16509 (AMAZON-02) (AMAZON-02)
37	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:5f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1 35	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4008:c13::5e	() ()
2	142.250.102.156 142.250.102.156	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:d::7	15169 (GOOGLE) (GOOGLE)
6 16	142.251.39.34 142.251.39.34	() ()
3 7	185.80.39.216 185.80.39.216	() ()
3 5	185.89.210.153 185.89.210.153	() ()
13	2a00:1450:400... 2a00:1450:400d:806::2006	() ()
2	2a00:1450:400... 2a00:1450:4001:d::6	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:9716:bff6:4d3d:aff2	() ()
4 4	213.155.156.166 213.155.156.166	() ()
1 1	51.89.9.251 51.89.9.251	() ()
1	185.86.139.103 185.86.139.103	() ()
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	() ()
1	35.71.131.137 35.71.131.137	() ()
1 1	85.114.159.118 85.114.159.118	() ()
2	142.250.180.226 142.250.180.226	() ()
211	32

6 5.161.90.154 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.154.90.161.5.clients.your-server.de

smils.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smiles.iclou.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.124.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-124-244.us-east-2.compute.amazonaws.com

contatonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:5f5f (United States)

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::200e (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:400d:804::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4008:c13::5e (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.102.156 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:d::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.39.34 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (None, ) 3 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.153 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:806::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:d::6 (None, )

ASN- ()

r1---sn-4g5edn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:9716:bff6:4d3d:aff2 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.166 (None, ) 4 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.226 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	660 KB
42	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 bid.g.doubleclick.net — Cisco Umbrella Rank: 703 cm.g.doubleclick.net googleads4.g.doubleclick.net	308 KB
19	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1090 r2---sn-4g5edn6k.c.2mdn.net — Cisco Umbrella Rank: 706292 s0.2mdn.net r1---sn-4g5edn6k.c.2mdn.net	108 KB
19	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	201 KB
15	google.com 1 redirects cse.google.com — Cisco Umbrella Rank: 2640 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73 clients1.google.com — Cisco Umbrella Rank: 417	374 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 442	268 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com Failed	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	291 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
5	iclou.com.br smiles.iclou.com.br	61 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	47 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	586 B
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com cms.quantserve.com	463 B
1	smartadserver.com ssbsync.smartadserver.com	45 B
1	onetag-sys.com 1 redirects onetag-sys.com	338 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	711 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	602 B
1	redirecionador.info redirecionador.info	1 KB
1	contatonline.com contatonline.com	367 B
1	smils.com.br 1 redirects smils.com.br	236 B
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	pubmatic.com Failed image6.pubmatic.com Failed
0	openx.net Failed rtb.openx.net Failed
0	addthis.com Failed e.dlx.addthis.com Failed
0	agkn.com Failed d.agkn.com Failed
0	atdmt.com Failed ad.atdmt.com Failed
0	tribalfusion.com Failed s.tribalfusion.com Failed
211	31

	Domain	Requested by
37	pagead2.googlesyndication.com	smiles.iclou.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com contatonline.com www.googletagservices.com
35	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com smiles.iclou.com.br
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net contatonline.com smiles.iclou.com.br
16	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net smiles.iclou.com.br
13	s0.2mdn.net	contatonline.com s0.2mdn.net
9	fonts.gstatic.com	fonts.googleapis.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	csi.gstatic.com	imasdk.googleapis.com
7	www.google.com	1 redirects cse.google.com smiles.iclou.com.br googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	smiles.iclou.com.br googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	smiles.iclou.com.br	smiles.iclou.com.br
4	d5p.de17a.com	4 redirects
4	imasdk.googleapis.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	cdn.jsdelivr.net	smiles.iclou.com.br
2	googleads4.g.doubleclick.net	contatonline.com
2	r1---sn-4g5edn6k.c.2mdn.net	googleads.g.doubleclick.net smiles.iclou.com.br
2	r2---sn-4g5edn6k.c.2mdn.net	smiles.iclou.com.br
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	cse.google.com	smiles.iclou.com.br www.google.com
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	clients1.google.com	smiles.iclou.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	redirecionador.info	smiles.iclou.com.br redirecionador.info
1	contatonline.com
1	smils.com.br	1 redirects
0	ssum-sec.casalemedia.com Failed	googleads.g.doubleclick.net
0	pixel.rubiconproject.com Failed	googleads.g.doubleclick.net
0	image6.pubmatic.com Failed	googleads.g.doubleclick.net
0	rtb.openx.net Failed	googleads.g.doubleclick.net
0	e.dlx.addthis.com Failed	googleads.g.doubleclick.net
0	d.agkn.com Failed	googleads.g.doubleclick.net
0	ad.atdmt.com Failed	googleads.g.doubleclick.net
0	s.tribalfusion.com Failed	googleads.g.doubleclick.net
211	45

This site contains links to these domains. Also see Links.

Domain
smiles

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-21` - `2023-05-02`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 26 frames:

Primary Page: http://smiles.iclou.com.br/
Frame ID: 3168A9196ADFAB6E9F3661F152F5017E
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 635DBD8F7135BDF42A43F7A0E5AC71F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1677866550&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1677866549903&bpp=3&bdt=584&idt=396&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6423860147406&frm=20&pv=2&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=421
Frame ID: 648DA73A26AFB2A6D19E7AEF180D24F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866550&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866550051&bpp=4&bdt=732&idt=279&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KXb8FVs6Mf&p=http%3A//smiles.iclou.com.br&dtd=283
Frame ID: B684D27BD9FD238611174F80C4D86D4D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677866550&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866550055&bpp=1&bdt=736&idt=285&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bI6HBYU3Kz&p=http%3A//smiles.iclou.com.br&dtd=289
Frame ID: 169D74B7447D4232263849D121D1976F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866550&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866550752&bpp=1&bdt=1433&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IFhxDW88Mk&p=http%3A//smiles.iclou.com.br&dtd=6
Frame ID: AC90819CE94A18B5DF13B34E209C40FE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5
Frame ID: 1B5F1ABE355A26F025F7780C1FCAABB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9
Frame ID: C977DF3DCAF1304E97047B9D4DCCB675
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 92AEE1F93D27D8B8D52648AE5BF7A810
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 45247C302A84A6CC72CF1E3202C0492A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 22E42B64081C9A8357592580E7437334
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8FE91459E9FA68932995E6E1B1D13EC6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866552&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866552004&bpp=1&bdt=2685&idt=2&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500&nras=3&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg%2CAD37Y7sSwmYkqfHyYWDLCumFmaATTE8CcIC193DP9p0dP5MMdk2IngS7jAMmtf74jVS3966fzNLB9ccFbt5ijuI%2CAD37Y7tk1Ju37w6o1doYB7RIgRP3THtIu-rBBiI4bh1Wv1oCVgFjfueVa4EWyiUKysnzTO5s5JG21p7599Ikgsc%2CAD37Y7sPb2PYZfn3TYKip6a9R3-Y1RP8Q23V8KGEvFUUQZmypmP6SBQezqNF1X2VsZUr56R1aTWZxzCpDysJ2uWGKfxlkxUWJutZ4IZscR5X6TE%2CAD37Y7tZkcXlt5i4AvC24napMG2wq2CiaJG2EBCWiyUwMTFkKC3650GIbUtvUhtkKR-gX-KWMRCO0vjAy3xJHhFrLPjttMK1yvUBx_bforcF&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=O0i1czYvxb&p=http%3A//smiles.iclou.com.br&dtd=12
Frame ID: 298E6171EFF3BAFA7C87AFCD7BDEEA4B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNW1I5TYowU_EXKcKKw3RItOm2724cjOVfgxbNjg0lAdT7e51mNNTdoLIeGP7b1hhceM-Uw3KOA8i3YOReBNmoccIbgLsgCRB6MuFP1gz-qURZT5_lrliudovv3hGOUf54DkvKYQwDpqe8HOKYx_xieKbtX1a5EyEm0ld2Yg41t6WjfkkVo
Frame ID: 0324D5C6D960DF7630502F8486D5DC26
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 852B875220493B60B74CD9CC4C75437F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 5EBF51DC711EF24B5957B091AD38F8F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: DF1B3DB84272E6CABCCFBE09FBA471E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 041258BD8EBAFA32B4A1E43607FF3DB3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7191648D1CAE27800AEEE11E64D75B5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3C83763FB888D2DFF20782A73EBD0A6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYhJye3wEwAQ&v=APEucNUBqKspj7OXWxxSNZTLRnO6KWxMAFcmxJ1A03rc-XUlEgLRMo-kG_uqS9vGtOhPTZt1TfTjlWxuM9P1Sw_jHf8i7QkGjx7DAIiZqaVuAEeHGwXZ9YYRfp26d0DQOXB2siADa3QTXFI7LLzxGP7iimqV6YL0n6K0fO18K8EP92g2F-GIqwg
Frame ID: 3DF080323BF34E2B6BF554B45E2F1CA3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 25CDB30F8B378A045509948713DF0743
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9042D59128DBC6F211F7009E253788C3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 33F4311D5DDB8C99CD7368554E9650A9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
Frame ID: AD9167DBF2D70B831BD858AE8B94CCC3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1F21989427606D77D0CCFD494A38906
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMILESpesquisar

Page URL History Show full URLs

http://smils.com.br/ HTTP 302
http://contatonline.com/?Dw0RYAT Page URL
http://smiles.iclou.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

211
Requests

82 %
HTTPS

66 %
IPv6

31
Domains

45
Subdomains

32
IPs

3
Countries

2325 kB
Transfer

6135 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://smiles/
Title: Início

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smils.com.br/ HTTP 302
http://contatonline.com/?Dw0RYAT Page URL
http://smiles.iclou.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://smils.com.br/ HTTP 302
http://contatonline.com/?Dw0RYAT

Request Chain 72

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 75

https://gcdn.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7B8483686F08FDEDDF432ED54D6F2063DC363BD7.71243E0F9D94CE2610D1FF309EE5B10823FE17BF/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6E3227C26D925AE234724938C57408FBBBFB6AA0.29ED73FB73950295A083925D39EB74835678E58E/key/cms1/cms_redirect/yes/mh/s7/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1677866211/mv/m/mvi/2/pl/36/file/file.mp4

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAI2OB1G2.9LALoLtarN2AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1&google_hm=2

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM21jEh44zJJ2lDHobVhuxI&google_cver=1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D

Request Chain 164

https://gcdn.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/107682CAF7AE9154461F99D1F57574AC3CAA0E10.317B07F9F4108A528FF37FB44CB40138CF543FF0/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4653CD5CEAF06EC035D22F248C175504AE757176.1C7B4E22EE16A06A5B1A896D3463CC4319DE4BDE/key/cms1/cms_redirect/yes/mh/Ut/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1677866211/mv/m/mvi/1/pl/36/file/file.mp4

Request Chain 166

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIn_T6lEzZxlTgKEDy-TT_M&google_cver=1&google_push=Aa02lx8GsI92EpSzIAJPhZVHPcSSTyiIQ3erP5pmqd9iwwasVpE5LA9a0z5mAaKusSTmnj6gsMgtX2mOn5o7OFtqnmQE77_xydsaZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwODI1ODg5Mzg5MjM4NTczMw==&gdpr=&gdpr_consent=

Request Chain 168

https://a.tribalfusion.com/i.match?p=b6&u=CAESEM-keRuJPI8a2plPvD41wP8&google_cver=1&google_push=Aa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXRMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXRMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM-keRuJPI8a2plPvD41wP8&google_cver=1&google_push=Aa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXRMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXRMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 169

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDdi0fM2lYvY4r7dmk0UPcs&google_cver=1&google_push=Aa02lx-YV-QsN7nu3xYNd4GKNf2nXK5AU1lPmixUdfr7gfUO1sCCqzXvnjqkGLm2yoDhEaWsxvfLf_b4JrJsoTaLad4qBUqclse5kKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-YV-QsN7nu3xYNd4GKNf2nXK5AU1lPmixUdfr7gfUO1sCCqzXvnjqkGLm2yoDhEaWsxvfLf_b4JrJsoTaLad4qBUqclse5kKg&google_hm=eS02ZWtjb1N0RTJwR2xVc2o3UldRUkRSTGFmRVpPZ1hWcn5B

Request Chain 170

https://d5p.de17a.com/cookies/google?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWklC9gOT34 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWklC9gOT34 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWklC9gOT34

Request Chain 171

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEApZJz6RSKlA_coe9LAyRzc&google_cver=1&google_push=Aa02lx-GfsgvgcTVyB24M0NEZW4U8pMY-dR8IyVYA-pVGt8z8BbO1jxgMC3mHnSiej_XdAwDkiK1ifaoadsua5W7lZd-SNjb7mAkiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GfsgvgcTVyB24M0NEZW4U8pMY-dR8IyVYA-pVGt8z8BbO1jxgMC3mHnSiej_XdAwDkiK1ifaoadsua5W7lZd-SNjb7mAkiw

Request Chain 176

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECwdH42QyS8dbd_zqH69YPE&google_cver=1&google_push=Aa02lx9-gxN3fkGsEVpvxn-5qdbymC3oy_etbkq-WPIFYvaWO0ug_8tKZ3ti8eL12mTftcX6soyUYr4oudTOeUUiQ0kEqdoj11AzoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNjM4MTk2NzkyMDQ2MTk3Ng%3D%3D&google_push=Aa02lx9-gxN3fkGsEVpvxn-5qdbymC3oy_etbkq-WPIFYvaWO0ug_8tKZ3ti8eL12mTftcX6soyUYr4oudTOeUUiQ0kEqdoj11AzoA

Request Chain 177

https://d5p.de17a.com/cookies/google?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDniCZLQcKw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDniCZLQcKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDniCZLQcKw

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAI2OB1G2.9LALoLtarN2AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1&google_hm=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBn8WgeKS1D0ncQ6nJOQ1_U&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D

Request Chain 213

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI69440rGnLTrKlvoGzWV04&google_cver=1&google_push=Aa02lx9AbBLSMZyXcaONsBTpZbHbz4CW-doHjvOeD-MJjS7dRdEle4rKvNsLbQx6yzQoUCweULORyHcD4-1pHdOSVAIL5EWwXB5a HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx9AbBLSMZyXcaONsBTpZbHbz4CW-doHjvOeD-MJjS7dRdEle4rKvNsLbQx6yzQoUCweULORyHcD4-1pHdOSVAIL5EWwXB5a&google_hm=UN4AoYaCTVjdtj5PSV4hgg

211 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
contatonline.com/
Redirect Chain

http://smils.com.br/
http://contatonline.com/?Dw0RYAT

110 B
367 B

618ms
142ms

Document
text/html

13.58.124.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contatonline.com/?Dw0RYAT
Protocol: HTTP/1.1
Server: 13.58.124.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-124-244.us-east-2.compute.amazonaws.com
Software: nginx / PHP/5.6.38
Resource Hash: f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 18:02:28 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.38

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 18:02:27 GMT
Location: http://contatonline.com/?Dw0RYAT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK Primary Request / Show response
smiles.iclou.com.br/ 24 KB
7 KB 612ms
124ms Document
text/html 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx / PHP/7.4.29
Resource Hash: 652799bc78890e96d4f9a781c94b2dd548a1f3bd518ed8a4a4d0c1104de5e362

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 18:02:29 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
50 KB 447ms
393ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af0098f9fa5d18ef5b7996ae5ea98a94b4252c1161bcca4791ebfdd0e219881b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50710
X-XSS-Protection: 0
Server: cafe
ETag: 6310548122525753014
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 03 Mar 2023 18:02:29 GMT

GET
H/1.1 200
OK estilo-laranja.css
smiles.iclou.com.br/css/ 202 KB
27 KB 129ms
128ms Stylesheet
text/css 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/css/estilo-laranja.css
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:28 GMT
Server: nginx
ETag: W/"6018b728-327ff"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 141ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 18:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 18:02:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 18:02:29 GMT

GET
H/1.1 200
OK topo.jpg
smiles.iclou.com.br/images/ 24 KB
24 KB 245ms
122ms Image
image/jpeg 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://smiles.iclou.com.br/images/topo.jpg
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:29 GMT
Last-Modified: Tue, 02 Feb 2021 02:21:31 GMT
Server: nginx
ETag: "6018b72b-5fdd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24541
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK requestData.js Show response
redirecionador.info/relacionados/aereo/ 1 KB
1 KB 570ms
278ms Script
application/javascript 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/requestData.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 11 Feb 2021 20:28:44 GMT
Server: cloudflare
ETag: W/"6025937c-43c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pmXSWE8uD8TAwwKVVDMuhwkziRlZhKUmUFTy4cOGq2rLIoRQNu6mdcO9hJjQwg4sWvQnwBdwgJLd67Ww8SC9Wt42JhBfXXZ6hmpIorc4%2Fq%2BHEOhPKy0N42ByKwmGPd0g6hexKZUDku4qhetMxZePeZd"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
CF-RAY: 7a23ca6f5ee22c20-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
30 KB 128ms
41ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 18:02:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 229955
x-jsd-version: 3.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30349
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
10 KB 129ms
42ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 18:02:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 407846
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10429
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.flexslider.min.js Show response
cdn.jsdelivr.net/npm/flexslider@2.7.1/ 23 KB
7 KB 169ms
82ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 18:02:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 812454
x-jsd-version: 2.7.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6786
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK scripts.min.js Show response
smiles.iclou.com.br/js/ 2 KB
1 KB 243ms
121ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/scripts.min.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:33 GMT
Server: nginx
ETag: W/"6018b72d-919"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
smiles.iclou.com.br/js/ 10 KB
2 KB 245ms
122ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/ads.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:32 GMT
Server: nginx
ETag: W/"6018b72c-27a5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 180ms
52ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:36:12 GMT
x-content-type-options: nosniff
age: 149177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:36:12 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 290ms
162ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:31:02 GMT
x-content-type-options: nosniff
age: 178287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:31:02 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 231ms
103ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:55:31 GMT
x-content-type-options: nosniff
age: 230818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 01:55:31 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 239ms
109ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br&bust=31072620

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21c55d7f44b3250c7243627771305fbaa0f1fbf7ecde82865a3e33a9d4d17357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121460
x-xss-protection: 0
server: cafe
etag: 16748919523941978926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 635D 10 KB
5 KB 177ms
51ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:29:49 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 20:29:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse.js Show response
cse.google.com/ 5 KB
3 KB 259ms
93ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

13452f6f4b6457bd22e00d4bf3d1edf3efee95f04d759718a4d3fd6dfec3d096

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2208
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Fri, 03 Mar 2023 18:02:30 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 180ms
85ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Wo%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A188%3A323)%0Aat%20Xo%20(adsbygoogle.js%3A187%3A1249)%0Aat%20cp%20(adsbygoogle.js%3A194%3A380)%0Aat%20dp%20(adsbygoogle.js%3A195%3A14)%0Aat%20op%20(adsbygoogle.js%3A204%3A261)%0Aat%20ep%20(adsbygoogle.js%3A201%3A12)%0Aat%20e.client%20(adsbygoogle.js%3A195%3A222)%0Aat%20Ld.ia%20(adsbygoogle.js%3A43%3A224)%0Aat%20rj%20(adsbygoogle.js%3A90%3A19)%0Aat%20%24o%20(adsbygoogle.js%3A195%3A211)&shv=r20230301&mjsv=m202302210101&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620&client=ca-pub-8847092362748368&url=http%3A%2F%2Fsmiles.iclou.com.br%2F

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__pt_pt.js Show response
www.google.com/cse/static/element/c23214b953e32f29/ 305 KB
305 KB 188ms
61ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__pt_pt.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68459d679310d8dea155e2c6c2e27be5fff75050494105c69cfea7b2c73dabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:53:18 GMT
x-content-type-options: nosniff
age: 230952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312031
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 29 Feb 2024 01:53:18 GMT

GET
H2 200 default+pt_PT.css
www.google.com/cse/static/element/c23214b953e32f29/ 41 KB
9 KB 179ms
53ms Stylesheet
text/css 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/default+pt_PT.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 28 Feb 2024 20:56:01 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 186ms
60ms Stylesheet
text/css 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 17:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 03 Mar 2023 18:17:15 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 138ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=smiles.iclou.com.br&callback=_gfp_s_&client=ca-pub-8847092362748368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br&bust=31072620

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9a1d5c85453407dffeddfa852d86f8db4e36d246541dd4ef152f63d0dfe2a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 155ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 201ms
74ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 648D 235 KB
56 KB 1091ms
1090ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1677866550&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1677866549903&bpp=3&bdt=584&idt=396&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6423860147406&frm=20&pv=2&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=421

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15e2aee274954f17977d75721fc4b0700a4c972e285195e7b44b9307e64a17dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57232
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:31 GMT
expires: Fri, 03 Mar 2023 18:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B684 104 KB
35 KB 1207ms
1206ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866550&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866550051&bpp=4&bdt=732&idt=279&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KXb8FVs6Mf&p=http%3A//smiles.iclou.com.br&dtd=283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c5930653cbb87e95f3501d804c72f1a050d469663a7a492d09e136099333b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35465
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:31 GMT
expires: Fri, 03 Mar 2023 18:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 169D 102 KB
33 KB 1255ms
1254ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677866550&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866550055&bpp=1&bdt=736&idt=285&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bI6HBYU3Kz&p=http%3A//smiles.iclou.com.br&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c2c7484f1c2b40f0438ef572631d0bdddfe82137e5c8a727e8997ff11e0f3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:31 GMT
expires: Fri, 03 Mar 2023 18:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 141ms
88ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__pt_pt.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e09d4ccd732fa47da8eb7eb50fba480e72756bf799e9a03b5e897dfa5f4049f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "1198255763195710032"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Fri, 03 Mar 2023 18:02:30 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/pt_PT/ 1 KB
2 KB 53ms
52ms Image
image/png 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/pt_PT/branding.png

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:36:43 GMT
x-content-type-options: nosniff
age: 203147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 29 Feb 2024 09:36:43 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 130ms
52ms Image
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:30 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 75ms
74ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC90 75 KB
23 KB 288ms
287ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866550&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866550752&bpp=1&bdt=1433&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IFhxDW88Mk&p=http%3A//smiles.iclou.com.br&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1326ce9ca289bcdad7489f3aaa9bec025fed0b3061e558d43f6bbbbe1c4666c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23753
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:31 GMT
expires: Fri, 03 Mar 2023 18:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame AC90 22 KB
9 KB 194ms
53ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC90 8 KB
812 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 16:19:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame AC90 14 KB
3 KB 207ms
53ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:53:31 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame AC90 376 KB
128 KB 210ms
56ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 23:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 23:00:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame AC90 20 KB
8 KB 197ms
60ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AC90 0
234 B 1011ms
269ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lesuf8uc&c=7962907168148&slotId=3981453584074&qqid=CK-e-P2rwP0CFZX0mgodqjkKDw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AC90 15 KB
16 KB 52ms
52ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 106766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:23:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AC90 15 KB
15 KB 62ms
62ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 103715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:13:56 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC90 0
56 B 87ms
86ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvL1mNjYCZK-rMpXp6wSq86h4rMW312612Ozk-RD6ndyg1AEQASCQsIcTYJWCgIC0B6ABqf_lxgHIAQWoAwHIA5sEqgSWAk_QqmAP_wfYT5-sTonoJSajp-40GU51vM-AWCz6fk_s0dWRmXnZHNp4UuDKObAW-roiOmtoqz_JK0J5shRYCNx7HMoq_yXBYJR1xpeez3fAXewE1UdVxsvwbtQfoa5l2DgnJThL4lFM5J3IsZkvIk6htayLpP9ncOcNMgZ11joIF9Mo1NYbH-ar7yf5CJ892ooBC-Y0SntPT8uZbUkNv8w4RciPYTf2bUR7JKO60GnNaz0oIxKpG9DlquKQoio0wUfq8M54kojc9d3qzZgCO8dxm81n2nEzt8ePGFHs6w_byt5pw3WE77ea8vBA69b-bbSppVrHGm4sCIB61LSiTQp50H3xw7JyqRFkFoA17SaTj9Eb3wU7wASl-5X0mQTgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOU0bES2BMNiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1677866551446&ai=CvL1mNjYCZK-rMpXp6wSq86h4rMW312612Ozk-RD6ndyg1AEQASCQsIcTYJWCgIC0B6ABqf_lxgHIAQWoAwHIA5sEqgSWAk_QqmAP_wfYT5-sTonoJSajp-40GU51vM-AWCz6fk_s0dWRmXnZHNp4UuDKObAW-roiOmtoqz_JK0J5shRYCNx7HMoq_yXBYJR1xpeez3fAXewE1UdVxsvwbtQfoa5l2DgnJThL4lFM5J3IsZkvIk6htayLpP9ncOcNMgZ11joIF9Mo1NYbH-ar7yf5CJ892ooBC-Y0SntPT8uZbUkNv8w4RciPYTf2bUR7JKO60GnNaz0oIxKpG9DlquKQoio0wUfq8M54kojc9d3qzZgCO8dxm81n2nEzt8ePGFHs6w_byt5pw3WE77ea8vBA69b-bbSppVrHGm4sCIB61LSiTQp50H3xw7JyqRFkFoA17SaTj9Eb3wU7wASl-5X0mQTgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOU0bES2BMNiBQB2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AC90 0
54 B 997ms
270ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lesuf8uw&c=7962907168148&slotId=3981453584074&qqid=CK-e-P2rwP0CFZX0mgodqjkKDw&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame AC90 29 KB
17 KB 170ms
66ms XHR
text/xml 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AswzQycfUawBVzc0LvDxi_A99tkylAA6gkCiwm6CMyX-BWPfuFkWn_6l28ymN7-UGEwEwcVQLj02j05NY1kSjUzDOPiA&cry=1&dbm_d=AKAmf-CijOg-E9zAYbOz9kRjTXZWTuQb9O7rAwmyBW-3EGeF83KyBMRknuzZHtgi3iS5LuIEXrDGknbV5M_FJg60UZm0-O4JDAuFGj58mgg2fjS8NfNONcQrV2ZL7CTD2BzhvqlsQfZKjTE1eUCTNxFV2K9Di50D_SQi84Xn_nXm15XrpMdL1HKK_sW3j7gxFNiQJ3TH7PpBy4UJNc8sP2kNJ83WSuKzK-gkYyHuUSQeyNBVuv1SmvaJXh30lJx4PHvsw956_JqMSxuWiK5yKveNs9i-hnAuWoVs9AaKR7j86QnZ97CJ3XQPnh4hS0559PzepAU9ANqfmWI8JZ2pbz1L8T3WJ-wjd1qp0iodFF5_5QLEX3MCWIUL1cqqqeDTy0J4ocLjrHuor1GKuOmtsCtweSQTVHkF0_DJCw6oHlDmTdSrlPuEBZJFWYOY-1rTurqihGtrNfbIymYysofIE0a8JMbtZ2VqXno6biOshGRTRTMZ6Tsxki1js0uuAypsahsE4_4flzAh3w0hq3C9kj_unV2vStpFJSVm5E82Bh8eVyHYBseLox87sPO4siBqwioqkUjrPP_hXDvTnlJIlICPBIGOfpXWcQkP7wqbkCZKjn-UcholHMNOPB_q8cdt9ceEzw8h4IupUl6sNmfu7_wncV8b5G7HW3disYFBtjOaPnpQzGT9vy93-FjeZoCXrdqxOjaezUu-pLGqbmK_ql4eYOAaCPFf7WydRAcpVL7y7X91ftijVPHtQGhOGPa4roTWGYRmGcw1NumEZn0UYbemKuo2Gc87-M4Y_jTmCqTViXTjajXh71fQNeb5HaDe-yVUI4E6C8RIHz75TrZCKxzOPugwNkQu7W7jvve_sCoXaFhCt63nNphT0IZidOdFM0u7Fi5fioayzWicsB90ywSyvwMOSk0N-vIm3ADrPEgnRG4uEKKX9E55cs_jYKOC00A1V00MJJPt3Hp458DcYVoZ8J6nRrzhPfvx7tGD5H_EZTgZXh7QoEgmqSqxCEKzlf6TPfVOg7CpEuP-aRRvIrp6LuXlCbgxrq5g40_J2eV42XrDlBF15Jf3Sd4rCyda8Bxxlli55oEyXR12Ad3ELmrNbsE0KhUBIR2tykZYoyCI-cjQvVtB4f5_2VuwXnp53iVLbyZV2E6LCutTj8XjtwMIdGFlP4du1cogymvStuyYjZg3uxqnLFZBDE_pBgAXMO_4ON3SwfomOMfr-sCUyHijyIgo8NfSjt0JHNPoO5f6utWi-quq61OuqC15DL1uHyMwRJ_okeqavMHOsp3i-Ngb0fN2aLeH6J4R_V-aDuMKMDsnZIJxCzikywFvljVMvPBV4xSozMW07GH3Hc9XXAeKqvukssbD5NJTnj4A9tTA_Wh_V7qx_-toG0I5a15AOj-WCNX7Tbju6tGgsL4MJoWM2EM89BS6nzfD5LZ59dKMmh6x7Bgqg23F4r_QHBqxbjval9sol4zBSNvx--B7vPwo7mLh8DoXRnIz9PVya2ToM-bcNsuya0RtIM4nCthWd-rIFatvQHdg8B1EaOeyA7_9WLuSvFubjAYE3VkpDBeoz-uhgd9t4hMVEFNKmlOzn-ZTmnoMHGorACRysMUalZ05A_wZPAANqkxUq7HZdVebg0kFB_AMcLURfv-UShg8tpIqeSu5Yquz9OHtWQOt-dKcUStPbr5HBgK6l11runVd3SUO-Cl31u3-x-SCU4nlEfCI5tfN4GX5AjEzGzpybjsYNpcrAjQ-WUmKOEM7xuXfpW9_jV-uy1l7omaAR9OgLNXdNLhr61acdrED_M-Y6aEAzyJcmrjaXDEVWt4DB1d_KfqWhSIbuwm6sHqSsWn4PfDxj5XcjCayMVOJ4UE6QAvirz-Q-2qMrTPAtKcui8HJtXOL1LbSs5jVones09GznOMhAuQ1YXItcRPDywGQ_DeSUaMkOpV4zTuRc_Dscrj40vukakOv5ZcZbtvZ7flrop7Q82ACPKS9ktUi69hrBj2F4sHTWEMC9SMN6LXtlKErMVgiKFN_tpwwj94D-7lz7DknfN_qQpdUP1XRdxyuCPda0BoDs8BSZK35u8UgwJ8-RsK2JgXRAJv5A-Gj2Dka2m_C8XvsRPqi0M1miuoIABnL-jA5GcZ-d-edam8pw3qwL3y6XhksUMwiYfZUSf_-Na2DL-pOrbOdUPcmBGhIjbUZ5_T32n0lSAgjwQNRd0woBG4INy27uzN5H9miGopYvx_vydJGuFpXDG_sI5XSYHimSpRzqcuymaK6UC7EsjXf0xDyZu7W9AbblcV41kkPBA_yV68shSq0fp0zGB44prgAWLwpoE1NHudTsOoayQimcsRXRd6m_MoNh5JE6JUk2Ln1Ltpr2FFzkRQ1HHBjc4sdzGLXquangA-DdbQQj_M6mOHsXsyGNS8RrT_ZlBeKurXGsumR6-J0unpmwPyiE9tgH9vjPiuCR1tDclZHdTTlMiUrbITjosT3vBe4wpphGNk5z00k_A4Vjn1wWLeOuyEasTKHRi6RPCRPz_AEsAaeJru9jqcsI_8LzuItjOe1XRCfpWoTa0WRb1G5rKgExpgkVIYaoxsDxYnuHqUDUmiE3tHXqTUIzEvQICvL3VRGrjfBOvK1CCh47F6NM76a9ACEG1rObs8crPrYVdfTV1ufa4vP8sD1133K-03V0YOCHKGVdYHBUvKxQ4rWWP82inTdgoMvTGE6Mg89r8JjQv0AbUeis_FDFS1hI1-J1y3PwJxRYkHSyzd0XZgX8gEyvr6nl88FSogeH3Woa8h7CaqM3bjvQlysE-2WKbgyP9aT7CEhjXyjjET5VxdNFN8nOwB1OLa24LLP4hRULmqe_zGYKYjefBlpp4iWi5p09UX0hG01nsGXJTAYFaWK_vEvK5IA46Vup78mUzjgR0-F30Ds7IrNn-61F3QQ1NV-6kOZs9rhtA4RLFqktd-rQhjoGaSk95LQIdh74V5cqO33OCypXTDndyp8MzPijOrjysOHdvE0wMRkwAMS1A7US3IlePZfgI2qux9kAcQqbP8n_2IT9bgZw2_L5FTHczLm_vdTVSL7P082_ELiaBYwbYBT2b9x6-0_cJiZ1_ICcNvGrc1Dz8svs32AGQP5bwUNdehCTGn7hCtWw5fXf9rIKpEzUrgObosZB12QRbC0_JHTotyDKl2L3H2MtQfjQOPrtDR2jjdhho9twv31FTVJvqUTndrTHM_6lkyWLjNF3_tEybwyn5D0hIMtCdWXWBmDE8bhhGqNwpb7f1c6zimP6T_HZyPnLUiO1IEo4WX9DeGh4RzzBfWJSmxmW05xddt4hg5nL6xUYUfpdvjU5cRfp-W5XzZXA3e50uYb0nvbOKw2CUaGof1IHbKqDWJm7GSmQzVsIHqDMP_LLFvEIY2WdYPdua9FpwND3z5RdA&cid=CAQSSwDUE5ymWZNhtYdhGpesdkGiQYNmbiz9k_nY22k6u0nwpMBU9OyFKLFPEcWfsIUE4ovx3yf-d6s4tow3Rk-LZ5hteEj50cGpsOK0KxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

83f2458b1a0b08e9f5732e3b0316f3b8ac618e28a75d00aeda6e6014e719f93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16268
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC90 0
0 90ms
90ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzRqqNjYCZK-rMpXp6wSq86h4rMW312612Ozk-RD6ndyg1AEQASCQsIcTYJWCgIC0B6ABqf_lxgHIAQWoAwGqBJMCT9CqYA__B9hPn6xOieglJqOn7jQZTnW8z4BYLPp-T-zR1ZGZedkc2nhS4Mo5sBb6uiI6a2irP8krQnmyFFgI3Hscyir_JcFglHXGl57Pd8Bd7ATVR1XGy_Bu1B-hrmXYOCclOEviUUzkncixmS8iTqG1rIuk_2dw5w0yBnXWOggX0yjU1hsf5qvvJ_kInz3aigEL5jRKe09Py5ltSQ2_zDhFyI9hN_ZtRHsko7rQac1rPSgjEqkb0OWq4pCiKjTBR-rwzniSiNz13erNmAI7x3GblWZoGzudJ72KjwRMZxltioJ-H1RSs3h12KJE9N1nMKCMQknZ8QTqJdz-mrqt_Ny6rW5JmF6xzbmp6Pe_jWeMQrfABKX7lfSZBOAEA4gF2bOHsUiSBQYIAxABGAGSBQYIGxADGAGSBQoIIhACGAFImKx8kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEOr3CxiN0fzeAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBOU0bESyBO5qeHhA9gTDYgUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=pkWVn2yPwxE&uach_m=[UACH]&cid=CAQSSwDUE5ymWZNhtYdhGpesdkGiQYNmbiz9k_nY22k6u0nwpMBU9OyFKLFPEcWfsIUE4ovx3yf-d6s4tow3Rk-LZ5hteEj50cGpsOK0KxgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866550&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866550752&bpp=1&bdt=1433&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IFhxDW88Mk&p=http%3A//smiles.iclou.com.br&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
DATA 200
OK truncated
/ Frame AC90 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dc300ad27cf763c0f0063459213ef6ed3e91f4283909b32dcb2cd6328139781

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 77ms
77ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
74ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B5F 21 KB
9 KB 1214ms
1213ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30fa01cd206ea32c9c62f03c9e3781a483ebcedb63c83bd8ed5d5363c8175f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9026
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:32 GMT
expires: Fri, 03 Mar 2023 18:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C977 18 KB
8 KB 477ms
476ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66cebde0f7bd64bdad237cbd413b0c0868d1261b3552a7b996246573153464ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8429
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:31 GMT
expires: Fri, 03 Mar 2023 18:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 104ms
100ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js?bust=31072620

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e223fbe6c08feeaeaa01d0b922b4f7b8245272a28f2c8036e6373c194ad6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52051
x-xss-protection: 0
server: cafe
etag: 881481856402864104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 86ms
84ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1%2C3&c=ca-pub-8847092362748368&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B684 8 KB
895 B 56ms
54ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 17:27:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B684 2 KB
818 B 53ms
52ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B684 0
0 98ms
98ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpzxuNjYCZP_EGJby6gTx0IPwBLLLlpJun5Pu_rgQzpXbmf0vEAEgkLCHE2CVgoCAtAegAcjM0-QDyAEJqQK0w3q35c-xPqgDAcgDywSqBOQBT9D6rmdZyIknujVRm_PBOngobSRjBl_rj1rzD3tNcEYBbq_hlkEJyRafhO4oMpgjz1K3S8NshZCNPHAgNj38qpntsRn3gsS97JA1NOrtbpKdxVbCxdBPopN6TrZJY272Dh15Bd76brHA3rDkTk5nM3x-JXTBUFkRZLB82Tywbc_8UaFyWcWaoc8Skx1cR73DeTfN6vXoLVPjSv3qytEmJCySbJfHp7P-4SXaBMuvL6KByo6vn3fbVvQCFmldWt2qnKZ_cDF8Py3U0MNjfqH2ViR6aTeFPWy5Xz2yKQ9CzJc7VtjGwAT74Y-4nASSBQQIBBgBkgUECAUYBKAGLoAHoLOsG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENCMjAPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=egRY6IxHEl4&uach_m=[UACH]&cid=CAQSGwDUE5ymA4aym-0ofv1aGaBQKsRHQg5zHbsM7xgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866550&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866550051&bpp=4&bdt=732&idt=279&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KXb8FVs6Mf&p=http%3A//smiles.iclou.com.br&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame B684 22 KB
9 KB 56ms
52ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B684 3 KB
1 KB 71ms
68ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B684 20 KB
8 KB 62ms
59ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B684 158 KB
49 KB 253ms
117ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame B684 34 KB
14 KB 137ms
42ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 169D 4 KB
621 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677866550&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866550055&bpp=1&bdt=736&idt=285&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bI6HBYU3Kz&p=http%3A//smiles.iclou.com.br&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 17:21:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 169D 2 KB
799 B 84ms
83ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 169D 22 KB
9 KB 65ms
64ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 169D 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 169D 20 KB
8 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 169D 158 KB
48 KB 322ms
194ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 169D 34 KB
14 KB 120ms
50ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13732394498923137331/ Frame B684 28 KB
28 KB 117ms
116ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13732394498923137331/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a669ebd3084aafcfbdee9e8baf522b714c4a517eaba6db04026b23fde6eeddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28375
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 11:38:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 18:02:31 GMT

GET
DATA 200
OK truncated
/ Frame B684 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B684 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 169D 0
0 99ms
99ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuneiNjYCZPSaGfqZ78EPjYaMoAzXmsCgbp_Mr6y_Duqf3KDUARABIJCwhxNglYKAgLQHoAGwuqHXA8gBCakCtMN6t-XPsT6oAwHIA8sEqgTpAU_Qa27J1BN9gQujkKlbOTdaHz_nLNDwLzN_IKXCMVmwa66bXWRcqesom9J-P3kW5bcCZKKNA1dPaJ3M48OO2RpSJI0kWY6-PGvxCeyLKLsELsT0rdus5qSg6bDrx_OffxmjXdSq7P6b6VG4s_xelchEaWXQKY1G0UiMPDgFERkfKpqC2AKcHrSdWgYKFjBMTox-UT4OY0pRi3mDssycTDHdwysfARsy3X6QIzNgiNbXCYoq18W4TT8s9Hgm5MMXzYRkDOqXCgMzGnwyUNYqCjFidvUnrnSpjfa-yBfRIp6DS2SN7QXJibvLwASpnKmq4AOSBQQIBBgBkgUECAUYBKAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC4l0rSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=atK7nV2al64&uach_m=[UACH]&cid=CAQSGwDUE5ymg280OXO0sQwDj8cx-7aGTIOatGZunBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677866550&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866550055&bpp=1&bdt=736&idt=285&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bI6HBYU3Kz&p=http%3A//smiles.iclou.com.br&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 169D 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 169D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

54ms
53ms

Image
image/png

2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:24:25 GMT
x-content-type-options: nosniff
age: 74286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 21:24:25 GMT

Redirect headers

date: Thu, 02 Mar 2023 18:46:28 GMT
x-content-type-options: nosniff
server: cafe
age: 83763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 18:46:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AC90 0
45 B 807ms
270ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lesuf8v9&c=7962907168148&slotId=3981453584074&qqid=CK-e-P2rwP0CFZX0mgodqjkKDw&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame AC90 41 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:39:21 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AC90
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

237ms
40ms

Fetch
video/mp4

2a00:1450:4001:d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6E3227C26D925AE234724938C57408FBBBFB6AA0.29ED73FB73950295A083925D39EB74835678E58E/key/cms1/cms_redirect/yes/mh/s7/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1677866211/mv/m/mvi/2/pl/36/file/file.mp4

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:32 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4489784
Last-Modified: Thu, 19 Jan 2023 10:29:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 03 Mar 2023 18:02:32 GMT

Redirect headers

date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6E3227C26D925AE234724938C57408FBBBFB6AA0.29ED73FB73950295A083925D39EB74835678E58E/key/cms1/cms_redirect/yes/mh/s7/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1677866211/mv/m/mvi/2/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
84ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1%2C3&c=ca-pub-8847092362748368&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 82ms
79ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
74ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 92AE 10 KB
4 KB 56ms
52ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 21:19:28 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 21:19:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 4524 10 KB
4 KB 57ms
52ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 21:19:28 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 21:19:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B684 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de10df60b55a6e5e7e3cfb603500eef739e2c517b9234fccf340334f568e5a38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 169D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7c08902b4fc94156a09fb46bfa362cd3b236df6257a71b0cbdaf018e5a7bd08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 22E4 23 KB
9 KB 57ms
54ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 170590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:21 GMT
expires: Thu, 29 Feb 2024 18:39:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 92AE 0
0 93ms
93ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5iENNjYCZIeLGO2Z78EP6a6V0A79qLWXYcXfzZL-DOCIhZ4LEAEgkLCHE2CVgoCAtAegAdGb-bUCyAEDqQK0w3q35c-xPqgDAcgDyQSqBOIBT9DCMPgllvHkdaj1zSJEyaMODxqZauFOMFNR1uICI7Fuy2Yc0xoNAyBIBLhKChw3qeHyMZOr85LeNIR1DLzWzy3YtIfDnRB_X91HzuQMUn_ABZ3VN1g2wydpQbvOh3xZX5zG6Bqvqv5diRYmooGc9GfgD6PporvARUt1IguMXssBHQjcTD6LtAlm0n0NTgn_tueW4vb4r56EnIZHLfzOrN-_qWGDejgVg413iEsuW-xY3NzfWiN2jbx9a_Yi2Caksnbkpq-QrobnLx_zXZtErzgG4K1DoYpGbKRX_qNFLqr7bsAE2NOL2MgDkgUECAQYAZIFBAgFGASgBgOAB5fkhsoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3sB60ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw7QFQGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=tdbaIy_zk2w&uach_m=[UACH]&cid=CAQSGwDUE5yma9xi-EDESkefNrUr7AN1KXapPWsV7xgB

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Dw0RYAT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 92AE 22 KB
9 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 8577790645785731169
tpc.googlesyndication.com/simgad/ Frame 92AE 16 KB
16 KB 110ms
109ms Image
image/gif 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8577790645785731169

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc975dee2288ad71c4131cbbd9e8e61d9123727e03ec56dfe5e3d78d60596d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 16:11:13 GMT
x-content-type-options: nosniff
age: 6678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16142
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 14:15:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 16:11:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 92AE 3 KB
1 KB 71ms
70ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 92AE 20 KB
8 KB 62ms
61ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92AE 158 KB
48 KB 185ms
184ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 92AE 33 KB
13 KB 92ms
92ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 19:27:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4524 8 KB
895 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 17:18:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 4524 2 KB
765 B 104ms
104ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 4524 22 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 4524 3 KB
1 KB 102ms
101ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 4524 20 KB
8 KB 62ms
60ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4524 158 KB
48 KB 173ms
172ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:31 GMT

GET
H2 200 32a90be408c9c7ee7210a0b41533c7d1.js Show response
www.gstatic.com/mysidia/ Frame 4524 34 KB
14 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32a90be408c9c7ee7210a0b41533c7d1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97216833c4b179d99561e8d7690aca967286ef9e6c61180b9d1a2fbd24ef8d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 03:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14300
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 03:52:28 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 22E4 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:10:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FE9 143 B
166 B 51ms
51ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 17:11:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 92AE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bb6d832c5365641d58ce3d09c4aec5ad5864fc8d10e2742d518f91a3f111cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C977 42 B
63 B 84ms
84ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bzv3c97kwRVvRFa6CjldYfhAh3Ev2At4yi-aHb-r_5RNAM4qx6P5ibFewylNatUjvRZ3Gn6H3JM-0xB7BqjBo2FJVDWgqSrJflDtSB4_SmUEbQcVw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C977 0
20 B 85ms
84ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15424903484656264387&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C977 78 KB
27 KB 120ms
118ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C977 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C977 20 KB
8 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C977 0
0 74ms
73ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRR2jOIkABG_6YjTiBrbEKus6uVYWeNCG9OZh9aUzWN2Dv_vFkiCcxDFmosOv1UucqojREnHZR6a7DRlaFIF72tORcrvg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C977 158 KB
49 KB 170ms
168ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:32 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 76ms
75ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
75ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 298E 75 KB
24 KB 241ms
240ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866552&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866552004&bpp=1&bdt=2685&idt=2&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500&nras=3&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg%2CAD37Y7sSwmYkqfHyYWDLCumFmaATTE8CcIC193DP9p0dP5MMdk2IngS7jAMmtf74jVS3966fzNLB9ccFbt5ijuI%2CAD37Y7tk1Ju37w6o1doYB7RIgRP3THtIu-rBBiI4bh1Wv1oCVgFjfueVa4EWyiUKysnzTO5s5JG21p7599Ikgsc%2CAD37Y7sPb2PYZfn3TYKip6a9R3-Y1RP8Q23V8KGEvFUUQZmypmP6SBQezqNF1X2VsZUr56R1aTWZxzCpDysJ2uWGKfxlkxUWJutZ4IZscR5X6TE%2CAD37Y7tZkcXlt5i4AvC24napMG2wq2CiaJG2EBCWiyUwMTFkKC3650GIbUtvUhtkKR-gX-KWMRCO0vjAy3xJHhFrLPjttMK1yvUBx_bforcF&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=O0i1czYvxb&p=http%3A//smiles.iclou.com.br&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f91deff330a245fc52a9e7be9e08e57958e0cd097f5d293f06e02d5177f6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 24347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0324 624 B
242 B 93ms
88ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNW1I5TYowU_EXKcKKw3RItOm2724cjOVfgxbNjg0lAdT7e51mNNTdoLIeGP7b1hhceM-Uw3KOA8i3YOReBNmoccIbgLsgCRB6MuFP1gz-qURZT5_lrliudovv3hGOUf54DkvKYQwDpqe8HOKYx_xieKbtX1a5EyEm0ld2Yg41t6WjfkkVo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FE9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

92ms
91ms

Document
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:32 GMT
expires: Fri, 03 Mar 2023 18:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B684 28 KB
28 KB 52ms
52ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 178943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:20:09 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 169D 16 KB
16 KB 52ms
52ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 176702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:57:30 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/719205432236882517/ Frame 4524 4 KB
4 KB 92ms
92ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/719205432236882517/14763004658117789537?w=195&h=102

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec70a3daaf44785b4e0419fede515a97ac00a951b1d410881344f85a27a7b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4450
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 11:40:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 18:02:32 GMT

GET
DATA 200
OK truncated
/ Frame 4524 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4524 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4524 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbc6e0d3c0d0c4932358e42196a9dadf310a245188a2add5a317a7fcf7946b95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0324
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1

43 B
766 B

104ms
41ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNW1I5TYowU_EXKcKKw3RItOm2724cjOVfgxbNjg0lAdT7e51mNNTdoLIeGP7b1hhceM-Uw3KOA8i3YOReBNmoccIbgLsgCRB6MuFP1gz-qURZT5_lrliudovv3hGOUf54DkvKYQwDpqe8HOKYx_xieKbtX1a5EyEm0ld2Yg41t6WjfkkVo
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 18:02:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0324
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAI2OB1G2.9LALoLtarN2AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1&google_hm=2

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNW1I5TYowU_EXKcKKw3RItOm2724cjOVfgxbNjg0lAdT7e51mNNTdoLIeGP7b1hhceM-Uw3KOA8i3YOReBNmoccIbgLsgCRB6MuFP1gz-qURZT5_lrliudovv3hGOUf54DkvKYQwDpqe8HOKYx_xieKbtX1a5EyEm0ld2Yg41t6WjfkkVo
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 18:02:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtsMfL8J0-zfpmApVTn1hU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0324
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM21jEh44zJJ2lDHobVhuxI&google_cver=1

43 B
1 KB

92ms
72ms

Image
image/gif

185.89.210.153

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM21jEh44zJJ2lDHobVhuxI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNW1I5TYowU_EXKcKKw3RItOm2724cjOVfgxbNjg0lAdT7e51mNNTdoLIeGP7b1hhceM-Uw3KOA8i3YOReBNmoccIbgLsgCRB6MuFP1gz-qURZT5_lrliudovv3hGOUf54DkvKYQwDpqe8HOKYx_xieKbtX1a5EyEm0ld2Yg41t6WjfkkVo

Protocol

HTTP/1.1

Server

185.89.210.153 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 18:02:32 GMT
AN-X-Request-Uuid: 898896d0-a155-42a7-b428-fa4e7f1351c5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM21jEh44zJJ2lDHobVhuxI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0324
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D

170 B
243 B

78ms
78ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D

Requested by

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 18:02:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ebcd6564-5d5a-4ea7-ab6b-4879ac115111
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 852B 36 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Dw0RYAT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:03:11 GMT

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EBF 36 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:03:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4524 0
18 B 94ms
94ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5_WwNjYCZIiLGO2Z78EP6a6V0A6yy5aSbp-T7v64EM6V25n9LxABIJCwhxNglYKAgLQHoAHIzNPkA8gBCakCtMN6t-XPsT6oAwHIA8sEqgTjAU_Q7qb9fEZQcH33gI47kAboH466WmZPZj8gxfZVE4P0F6TGXajBIJkNTqLqNt7KCLv_9eWYADafEOu4o5ySERRw8w7I-QiF4YKFLNrln8OFV6Hx_K0AaFyAOv5XlMg8uBgu8MYF7Rpzy8M1UehCF8ICly-5TdTtLELF1o9-nmXn8RfI-DWy9maNQWV9StZCRA6nm2J5hPbxTi9P8xHkG_mxQ8ZQD_kHo0Fg9JKep6WuRcWMyUOt-TadiA3JkPUFC03fKHQr4NkVdClSrtZvl3u2C8csc0zjN-ocT4ZFZYLlewKGwAT74Y-4nASSBQQIBBgBkgUECAUYBKAGLoAHoLOsG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEImmP9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTg4NDcwOTIzNjI3NDgzNjgYAA&sigh=XNk588SOmqY&uach_m=[UACH]&cid=CAQSGwDUE5yma9xi-EDESkefNrUr7AN1KXapPWsV7xgB&template_id=5000&vis=1

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AC90 224 KB
0 84ms
40ms Media
video/mp4 2a00:1450:4001:d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 03 Mar 2023 18:02:32 GMT
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4489783/4489784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4489784
last-modified: Thu, 19 Jan 2023 10:29:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C977 0
20 B 84ms
84ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2262494786541&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C977 0
20 B 84ms
84ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2262494786541&version=m202301230201&ct=76&x=1&cor=15424903484656265000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C977 84 KB
35 KB 122ms
121ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtIUDFzvl3pGp6v1KHv5lWPBpXZ0xEEotFtDgqh69DcUslb1TNP2Y2sV7y09YYvWTju2vUPoB0ac1CTgNoA-Z43ooxaq_wCwEuPWbeVXzaboZT4CNPygFm3P6239rQTO1jk_zLjw_2fBECsYILFLEgLdl5PtBGtC_y5aqoXlR_i5xLAQE&dbm_d=AKAmf-DRGZBTKEAdspfxaeHQjsw0xl7YZodSR33CxRcTF_uq2c2u4fYK9USRE1fWe4Z9oRclDbSAxcDBrQSdXR0dU7vqCtyD2bN9_wcqfUZHeilHL7nDijU5pBy3y3uIkczFjqzJ7EV2dcdveOyK2anYsGmyHxbhD7pE9SPhbIrD2dZARsATxwWCFWy_w6sq9yEwhP0oy7OzEM9BEuADM_G2U5O5OvX1bVu-nec0o2JX26GYM7PZ7N6vxZjw974fTDx_u_gANooEaG8fIN7dD_I9Je4A6DYlrQk3X_31bqG10mAirTYJqakFleB9O6g5nk7fyLt4uU9yEOKL8oi_oYoqfHcXuyiTb-JmLllHlD6cGZRsK786BQdhmyX2s0ZdSzV3mtFOD3rcsM1wJ-Q72_1L3NfZDyGgmTu6gpq4qIBGlYelcvYNoT0NrbxNySvWj4zhzPDmpLh9I-1JgGR00O9_sGfbCkOmKoSA7c_fIq0x75EanDr9f1SpojThX70EnuxA-C6yXJyP9KwvyK9rwFld1_ZMMXs7P3vGRb_Tn8o-y_V3RlblcJrcgpbfzlTBjYnTwVQ6aiUFolA6jgtp7y_zu8nB4oWfQpdU1uFOVhh9UFFuUITSU6l5QSMYyoWAVCIVMBjklwtswWuaXDld_qFFjjjqhmDZlOy6Wf7Odjpb9HnMX6JzKjBLdQy_FdzR6OFTYdTkEMrVnopOA6YOCra0y6RZALkCIhnV2LkgHMjF1M21EFn7lyM7j2CChd10MbrYnj9uYEvKPp-pl6Da5Q4Amdfsk8wdaHfjv8ZLgUFSL26zGF8Urzf0foLirWWsdPR-LAX_yjJHeaS2h5mUbfsZvN-6NymUd-jgubJcA3lpe1tsRVn4KjP2xOGj1ZkMOao9XOPNRjQ4_yfEfVqGOAVFrJ8jo-0Bv3OZKaD9nGioy2-oBjdGwVU7tj6pVjc-M_9_o3JieafpNrN755J-J_bn6WcBrFW34gt4h6a6y9M2qRY-_g93ZNHLxOnwxMaI1bSpF1iSaNO0yXdEVrG9N_35MgGs8Mo0XzdXZW_y6SUrJUgYYKdf5AF-a17Ssl0uzPVd3HPPzrOkMiaE-I8ZD74GAmJmZW7x9UJCE7ShIu4eY_lRSWmUM2UmMZdGu4BlfrdKZ2OcBTKV8vyY4I5FGvL7q78FHkYxDNZfzizzoO_e-JxuWYe0OdLbsFjXkZkJdnp_gIjB3D5Nvg_BYOtYsOGe9XAA9qveSXynQe-pIrae2mLreBMk7yD9qRKJ_cabrrOGZrnIcchVcFvpmAJWMXNpJmy7s-vc94lH-8uVE9KHCuBiYFnoxSUnV8oRKvcW1kFpmuKPrFuIbinCmsxEw2nuid6TxMQWG9zFh9oUo_mQHDcBDWGP5r6iz8NCAGIdFBPF-sNFZkRKJoJFW6XJP8ywCIb6dldQDQdRj_2lOEfzr8osP78tB9YCU_Np21nBQg1ggrtK0-GVzuhjh_SgxoSideIA7DsxMpCE-R5hNIJ8V_WH1HEnazHRYKlT_M2w0dI4TlHV8XGb9gvm6Ugg-MYJueNRx5xIRb_eKtzoDS0PLXjsaS9giUkjxsj1pqGkjRYCP0kLw4cUyh_h8z-qtRixYYk6-KuUgtyXHC7VoMf65FrBSJZZ8c7-WftVe06ZkNGtVtHpNWVULi4vVdHXtflVRamxprHTyFzMYGMRuV7TRk-KbYKJNBaBSjZnEwSwNOg85d9uHkCTRvkcRnkAz0oel2EzP6RWzRoE_c1-rQjva5IrRiqsN4R5ZSKCe2UnGCPuNwyosIcaIA94SbX4joprjJtBDQ4tfMcpS-UMg0xZI30OWNQe1h3SL8rvRCPanVDLJowMs6HvVON5p4QqWRrY2eVKVHpvKtSBxksDWOPWUbZhc0_uHHTJ0xvaVG_Xn1E_wF8rjyeNB44f6GDu39WQzle3x6XhZ4H0qhIBqYeK-ZmQ8KiEeUG8IF2tHpXvq0kpEkL6eNyb5id8j-xVugxg37JGSM6xsKfBZ7-kFPnqGmsuJw6v3yDCu9PohdITo47oUO-h5mN3AE4A00VFfvbKLv97_8FlIQMmbAoZ-k_7TzBV6CHkw62xhYFg-IF7VlXV7O00WTAXxtTOCQ_OmIOO1hW6CdyFb2vfHX8xhlxP5GlPurOLbDilmXOjg8nzBgP3HeMXP2NrCMrYiAtQHyW5bOSMPLUUD1KAD0Nmd9UWuP80cHtNHCHQy7xm-C3Diuh900LNrmdNx5gGcf5lbS-4_IjdzKiZztzG3fc6RjFCn72L_hVHET4SJKg-DK0OGbo9QFdJU44yZ5qGVMgvOAs_2SMs1hn3_fcHdRNzuL6hK_W9aR2RGqNsgXr9B633yV4PolLIBeUQvhKv-cJWz6Khye1tgfI4dFLZibeQfIOX9NpollbJym0JusmD2e1KfxpUntfwlB5mrhkOOivvZBcWtC6xsa4mhPt-vMftKRFij4wmKHBIaV2bvKm_enkHddhKLEG61cYZtUDLprSvYmaPA4TnQH4l847DXzqZz8c1iAcUYn3Hjx8QP_UvonVfLOvMF29JlNkATdk2drHjJjzxjHRBSTBnj0l8jXYNrRRAgupqEE_Oh8YLohIArNZbOID50UR8yH8v7BurdT5jurthB9iv5P4Xu9ZUn3YB-TW7koDGaFtmWggoZuinVYCz18bhiWz8j7jBvklZRQAuuhP7ZFFntRNAvzkB_V4uHWBhcsAID1SYdOlcUf0ePdAObuKHUy9fcCAN9dYp-8PBDH3p6PzgzXdpdON2iD6YL9v0B5ujXec_F_rzzzA4U7WSQgZi2QbEmA18qqDTVIk25fds08hRHrIGDCsEXLvr17zh_4jHH22Q5keZtQEavMf899T8KbP0sO6WSTTAdUS8S4SDYsc4GmRwvSRRMONWKeIXS9gGhCu9vlwpxAsIXlNZFbTMR6mwGVtShWFqc2u4JLpvmkGHNc8bttOhL9wFt8sskerCZOXOZep9Tt-3Bw2p0-q39sT-qfXye2VywEO3Tu2KsImchHT0kx1mj0DN_YTg7iySF3MXGm0vmKa6RyFlQVm-ekNOWwF_pyAUTyeRTaF2D0ekagyQy-pcYl2WcLaOsvFEGpCbAXKsbxz1lrqf5_4rVHH2Y1Yu8njtHFtEuKst3FlrBHdh06Q2FnOCC58ywg2vS5lsBqcOXJIj6IwuB05S6YcYrVGipTwFcQqMQZbwrJISzGrmEResgJhrgraR8w1dDrrrv1lMjRnlexFdX66JuWRpZ8Myx-LWgPZTd-St01bs48TK7282GEqFUtshahMySww2inNcZoMlZqmopa_se_3t0SpOLTDL49fZNNwwH6Rkd_tSl1kMi9dXKwFh07vck69oHAtsjG5qzYeh92rJnKnCMTap&cid=CAQSOwDUE5ymxsrwO_j3hoLr_xtflXnQtZpFHDyFv-Q0Ie24IN3WfeUh1yE4Z8O-AUC9G7pLN76Gap7g-z4sGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsmiles.iclou.com.br%2F&ds=l&xdt=1&iif=1&cor=15424903484656265000&adk=3047537735&idt=162&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e97471c9146d06632c7730c7d1dd558d35fce90e312e2cc88f724cb2fbacddf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame DF1B 36 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:03:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 298E 22 KB
9 KB 68ms
68ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866552&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866552004&bpp=1&bdt=2685&idt=2&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500&nras=3&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg%2CAD37Y7sSwmYkqfHyYWDLCumFmaATTE8CcIC193DP9p0dP5MMdk2IngS7jAMmtf74jVS3966fzNLB9ccFbt5ijuI%2CAD37Y7tk1Ju37w6o1doYB7RIgRP3THtIu-rBBiI4bh1Wv1oCVgFjfueVa4EWyiUKysnzTO5s5JG21p7599Ikgsc%2CAD37Y7sPb2PYZfn3TYKip6a9R3-Y1RP8Q23V8KGEvFUUQZmypmP6SBQezqNF1X2VsZUr56R1aTWZxzCpDysJ2uWGKfxlkxUWJutZ4IZscR5X6TE%2CAD37Y7tZkcXlt5i4AvC24napMG2wq2CiaJG2EBCWiyUwMTFkKC3650GIbUtvUhtkKR-gX-KWMRCO0vjAy3xJHhFrLPjttMK1yvUBx_bforcF&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=O0i1czYvxb&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 298E 8 KB
716 B 62ms
60ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 16:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 18:02:32 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 298E 14 KB
3 KB 55ms
53ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:53:31 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 298E 376 KB
128 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 23:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 23:00:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 298E 20 KB
8 KB 69ms
67ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 298E 0
0 95ms
75ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzD2R-U1hJZ6L0u4omQQC3hmD_twY0J4kmZTirt5Vsl7O9ZebyrJClLtyYQUVn0i_xuWl0DlbK9WZlqXCDdxG1q5Lu2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866552&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866552004&bpp=1&bdt=2685&idt=2&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500&nras=3&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg%2CAD37Y7sSwmYkqfHyYWDLCumFmaATTE8CcIC193DP9p0dP5MMdk2IngS7jAMmtf74jVS3966fzNLB9ccFbt5ijuI%2CAD37Y7tk1Ju37w6o1doYB7RIgRP3THtIu-rBBiI4bh1Wv1oCVgFjfueVa4EWyiUKysnzTO5s5JG21p7599Ikgsc%2CAD37Y7sPb2PYZfn3TYKip6a9R3-Y1RP8Q23V8KGEvFUUQZmypmP6SBQezqNF1X2VsZUr56R1aTWZxzCpDysJ2uWGKfxlkxUWJutZ4IZscR5X6TE%2CAD37Y7tZkcXlt5i4AvC24napMG2wq2CiaJG2EBCWiyUwMTFkKC3650GIbUtvUhtkKR-gX-KWMRCO0vjAy3xJHhFrLPjttMK1yvUBx_bforcF&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=O0i1czYvxb&p=http%3A//smiles.iclou.com.br&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0412 36 KB
14 KB 76ms
52ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:03:11 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C977 106 KB
37 KB 353ms
52ms Script
text/javascript 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Dw0RYAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 14:11:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame C977 8 KB
3 KB 60ms
53ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtIUDFzvl3pGp6v1KHv5lWPBpXZ0xEEotFtDgqh69DcUslb1TNP2Y2sV7y09YYvWTju2vUPoB0ac1CTgNoA-Z43ooxaq_wCwEuPWbeVXzaboZT4CNPygFm3P6239rQTO1jk_zLjw_2fBECsYILFLEgLdl5PtBGtC_y5aqoXlR_i5xLAQE&dbm_d=AKAmf-DRGZBTKEAdspfxaeHQjsw0xl7YZodSR33CxRcTF_uq2c2u4fYK9USRE1fWe4Z9oRclDbSAxcDBrQSdXR0dU7vqCtyD2bN9_wcqfUZHeilHL7nDijU5pBy3y3uIkczFjqzJ7EV2dcdveOyK2anYsGmyHxbhD7pE9SPhbIrD2dZARsATxwWCFWy_w6sq9yEwhP0oy7OzEM9BEuADM_G2U5O5OvX1bVu-nec0o2JX26GYM7PZ7N6vxZjw974fTDx_u_gANooEaG8fIN7dD_I9Je4A6DYlrQk3X_31bqG10mAirTYJqakFleB9O6g5nk7fyLt4uU9yEOKL8oi_oYoqfHcXuyiTb-JmLllHlD6cGZRsK786BQdhmyX2s0ZdSzV3mtFOD3rcsM1wJ-Q72_1L3NfZDyGgmTu6gpq4qIBGlYelcvYNoT0NrbxNySvWj4zhzPDmpLh9I-1JgGR00O9_sGfbCkOmKoSA7c_fIq0x75EanDr9f1SpojThX70EnuxA-C6yXJyP9KwvyK9rwFld1_ZMMXs7P3vGRb_Tn8o-y_V3RlblcJrcgpbfzlTBjYnTwVQ6aiUFolA6jgtp7y_zu8nB4oWfQpdU1uFOVhh9UFFuUITSU6l5QSMYyoWAVCIVMBjklwtswWuaXDld_qFFjjjqhmDZlOy6Wf7Odjpb9HnMX6JzKjBLdQy_FdzR6OFTYdTkEMrVnopOA6YOCra0y6RZALkCIhnV2LkgHMjF1M21EFn7lyM7j2CChd10MbrYnj9uYEvKPp-pl6Da5Q4Amdfsk8wdaHfjv8ZLgUFSL26zGF8Urzf0foLirWWsdPR-LAX_yjJHeaS2h5mUbfsZvN-6NymUd-jgubJcA3lpe1tsRVn4KjP2xOGj1ZkMOao9XOPNRjQ4_yfEfVqGOAVFrJ8jo-0Bv3OZKaD9nGioy2-oBjdGwVU7tj6pVjc-M_9_o3JieafpNrN755J-J_bn6WcBrFW34gt4h6a6y9M2qRY-_g93ZNHLxOnwxMaI1bSpF1iSaNO0yXdEVrG9N_35MgGs8Mo0XzdXZW_y6SUrJUgYYKdf5AF-a17Ssl0uzPVd3HPPzrOkMiaE-I8ZD74GAmJmZW7x9UJCE7ShIu4eY_lRSWmUM2UmMZdGu4BlfrdKZ2OcBTKV8vyY4I5FGvL7q78FHkYxDNZfzizzoO_e-JxuWYe0OdLbsFjXkZkJdnp_gIjB3D5Nvg_BYOtYsOGe9XAA9qveSXynQe-pIrae2mLreBMk7yD9qRKJ_cabrrOGZrnIcchVcFvpmAJWMXNpJmy7s-vc94lH-8uVE9KHCuBiYFnoxSUnV8oRKvcW1kFpmuKPrFuIbinCmsxEw2nuid6TxMQWG9zFh9oUo_mQHDcBDWGP5r6iz8NCAGIdFBPF-sNFZkRKJoJFW6XJP8ywCIb6dldQDQdRj_2lOEfzr8osP78tB9YCU_Np21nBQg1ggrtK0-GVzuhjh_SgxoSideIA7DsxMpCE-R5hNIJ8V_WH1HEnazHRYKlT_M2w0dI4TlHV8XGb9gvm6Ugg-MYJueNRx5xIRb_eKtzoDS0PLXjsaS9giUkjxsj1pqGkjRYCP0kLw4cUyh_h8z-qtRixYYk6-KuUgtyXHC7VoMf65FrBSJZZ8c7-WftVe06ZkNGtVtHpNWVULi4vVdHXtflVRamxprHTyFzMYGMRuV7TRk-KbYKJNBaBSjZnEwSwNOg85d9uHkCTRvkcRnkAz0oel2EzP6RWzRoE_c1-rQjva5IrRiqsN4R5ZSKCe2UnGCPuNwyosIcaIA94SbX4joprjJtBDQ4tfMcpS-UMg0xZI30OWNQe1h3SL8rvRCPanVDLJowMs6HvVON5p4QqWRrY2eVKVHpvKtSBxksDWOPWUbZhc0_uHHTJ0xvaVG_Xn1E_wF8rjyeNB44f6GDu39WQzle3x6XhZ4H0qhIBqYeK-ZmQ8KiEeUG8IF2tHpXvq0kpEkL6eNyb5id8j-xVugxg37JGSM6xsKfBZ7-kFPnqGmsuJw6v3yDCu9PohdITo47oUO-h5mN3AE4A00VFfvbKLv97_8FlIQMmbAoZ-k_7TzBV6CHkw62xhYFg-IF7VlXV7O00WTAXxtTOCQ_OmIOO1hW6CdyFb2vfHX8xhlxP5GlPurOLbDilmXOjg8nzBgP3HeMXP2NrCMrYiAtQHyW5bOSMPLUUD1KAD0Nmd9UWuP80cHtNHCHQy7xm-C3Diuh900LNrmdNx5gGcf5lbS-4_IjdzKiZztzG3fc6RjFCn72L_hVHET4SJKg-DK0OGbo9QFdJU44yZ5qGVMgvOAs_2SMs1hn3_fcHdRNzuL6hK_W9aR2RGqNsgXr9B633yV4PolLIBeUQvhKv-cJWz6Khye1tgfI4dFLZibeQfIOX9NpollbJym0JusmD2e1KfxpUntfwlB5mrhkOOivvZBcWtC6xsa4mhPt-vMftKRFij4wmKHBIaV2bvKm_enkHddhKLEG61cYZtUDLprSvYmaPA4TnQH4l847DXzqZz8c1iAcUYn3Hjx8QP_UvonVfLOvMF29JlNkATdk2drHjJjzxjHRBSTBnj0l8jXYNrRRAgupqEE_Oh8YLohIArNZbOID50UR8yH8v7BurdT5jurthB9iv5P4Xu9ZUn3YB-TW7koDGaFtmWggoZuinVYCz18bhiWz8j7jBvklZRQAuuhP7ZFFntRNAvzkB_V4uHWBhcsAID1SYdOlcUf0ePdAObuKHUy9fcCAN9dYp-8PBDH3p6PzgzXdpdON2iD6YL9v0B5ujXec_F_rzzzA4U7WSQgZi2QbEmA18qqDTVIk25fds08hRHrIGDCsEXLvr17zh_4jHH22Q5keZtQEavMf899T8KbP0sO6WSTTAdUS8S4SDYsc4GmRwvSRRMONWKeIXS9gGhCu9vlwpxAsIXlNZFbTMR6mwGVtShWFqc2u4JLpvmkGHNc8bttOhL9wFt8sskerCZOXOZep9Tt-3Bw2p0-q39sT-qfXye2VywEO3Tu2KsImchHT0kx1mj0DN_YTg7iySF3MXGm0vmKa6RyFlQVm-ekNOWwF_pyAUTyeRTaF2D0ekagyQy-pcYl2WcLaOsvFEGpCbAXKsbxz1lrqf5_4rVHH2Y1Yu8njtHFtEuKst3FlrBHdh06Q2FnOCC58ywg2vS5lsBqcOXJIj6IwuB05S6YcYrVGipTwFcQqMQZbwrJISzGrmEResgJhrgraR8w1dDrrrv1lMjRnlexFdX66JuWRpZ8Myx-LWgPZTd-St01bs48TK7282GEqFUtshahMySww2inNcZoMlZqmopa_se_3t0SpOLTDL49fZNNwwH6Rkd_tSl1kMi9dXKwFh07vck69oHAtsjG5qzYeh92rJnKnCMTap&cid=CAQSOwDUE5ymxsrwO_j3hoLr_xtflXnQtZpFHDyFv-Q0Ie24IN3WfeUh1yE4Z8O-AUC9G7pLN76Gap7g-z4sGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsmiles.iclou.com.br%2F&ds=l&xdt=1&iif=1&cor=15424903484656265000&adk=3047537735&idt=162&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 19:14:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame C977 28 KB
11 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 19:45:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22E4 0
20 B 89ms
89ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQy8BNzYCZNvPJJzB9u8Pq8aU8AcAAAAAOAHgBAI&bg=!hoWlhdHNAAbv3-2Ez987ADkAdvg8Whrz-cimQnkNwHRz2wWClIx3D5KHEQu2R1SEsjj0iQCGSigX1pAooQbnTPXKqwYtGxIJFukCAAABpVIAAAAGaAEHCgByytNNh4wjjxX7RoIsA8GeW9VKIji7mFIYv6BmVml1RdtKMfVv4xLoctwWSyo_L4dqilRX7hlumnWfmwnV8oeZGtCjbmynqXnSknhg4PqY0hJZaS42mww-WZ8NYuRj7RnnPE633Gu-qpyb2xSL9tRZ0IkbmQLOz51dp6L_KHe0R3I69GeYe7C3-rnQkbi6fqZ3DcCgrAtXMSGFvm3PWzFZZNjxWSi1wWntH-PlPYWTMCvT5dHZnFCHjPoEYg_xLvqXLSkGihx6mCR2it8i5Osx0jNr-P-fO3BVTp6tHDwIPyHDeqdD-H79YZL5WVFB3vhVf2kvILlkvVqZA6NIlwfSZl1Y2vewdcNz9GcGw9K8EaLIztB6d0S2Awp1fioOoMrREBV_6YGw_vtTGxv6BUWkMxkr63vs1wfXZaJfw_Vz5WolnFfRmylJR8EnvcnBPbammYjXV4nkcTkGL4seDCeBuGrZZytI2uuGdIAJkVj1vXNFE-3dg1C2nim-5hUKX4FBcbGsMxArCk01GEatjK0HDnrkW19MdZjrghLMpXQ55kp0iz1HPs2pMmMXB9ET-olEAAClEDYT0h8veogp4s2KItz_swlIMqLSeWFcGXrDV0Ih57iEHqIY_XjYDNAZDGxIz_B2wUjGxjAD8YLXVP-OR21Vty032QgBgYWoklucSdTVTsr0WrTTbz1zYjFYss-PiXIJ8o-UTQLSUAd0-CLJ049AlGnv_-ghZ3cNeG5p0jE4mbg_3apnd1jTD999ZQw6IP8irHQf2d6kTNON_4kZxQgMqEITfgPWs1B9J2W28wW7JKfxq7LL_kgDze1FbZcmh7eunxwaf2RA2440oGnEANK_NVjJOtPiQl2eNN03eyyOH8VNnh9AV5TZ3OhKUUTnDgRKLNta7K-MCTupxXKVB2fVIiuv5NU4yKeEuVotC0E-m2MQAifwBNaJ506uaKidsBWdO2ij8VME4AMLx0hzpy98du9EG2jufpRIkheDuEzdNQO92gpEJDb9V4sTgld-EO03q7G-eDEljoF7_wEwQdnPOLSbkYDkifLUrmj-THOInijYWIcZg8E-Y_I2w5bnuFDwND9W80i1RJQf14B6M1_7aw

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C977 41 KB
15 KB 55ms
55ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C719 1 KB
643 B 58ms
52ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 14:11:58 GMT
etag: 48472445140208031
expires: Sat, 04 Mar 2023 14:11:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 298E 0
54 B 269ms
267ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lesuf9qy&c=1333693767428&slotId=666846883714&qqid=CIqNxf6rwP0CFY_0mgodu2cAaQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 298E 15 KB
16 KB 54ms
53ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 106767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:23:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 298E 15 KB
15 KB 57ms
56ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 103716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:13:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 298E 0
20 B 87ms
86ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CS-SGODYCZIqRBY_p6wS7z4HIBp_Tt9duhNrT-r4RzcvP3rkrEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMByAObBKoEkAJP0FParOthCn-SP25CiOsCjaSgN8v_5Te95YaVsY2WDx2p8zw00s4lcC0cwRKGYmA-aak34EAOEm5gAZkBS65TdCtLbj4xBb3C6AaNwkrvQ_cdRDJqkgU7ugzDaOFTGFfvMLhKwRfq_V6HpV3Hed1ICbYE868ItUtyBWeNsWmsJczPv5BF4-7CCn-djO4hch5bbjdBh9QZ3zWzleSZUFtJsmETiiPfkRsNCFzST2sKipZP-llaKvwyR8xelDL2defJYPrLTbeZKSSAQhsiNEfPdGaDakNbvjW8rThrds5bk5OvrAsBv8972Hv4ExgDAp0fMRtwUV1Seire-jJYLHRbBSkRdFXR6RQbva5rLmxaUMAEjIiM-K4E4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATlNGxEtgTDYgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1677866552634&ai=CS-SGODYCZIqRBY_p6wS7z4HIBp_Tt9duhNrT-r4RzcvP3rkrEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMByAObBKoEkAJP0FParOthCn-SP25CiOsCjaSgN8v_5Te95YaVsY2WDx2p8zw00s4lcC0cwRKGYmA-aak34EAOEm5gAZkBS65TdCtLbj4xBb3C6AaNwkrvQ_cdRDJqkgU7ugzDaOFTGFfvMLhKwRfq_V6HpV3Hed1ICbYE868ItUtyBWeNsWmsJczPv5BF4-7CCn-djO4hch5bbjdBh9QZ3zWzleSZUFtJsmETiiPfkRsNCFzST2sKipZP-llaKvwyR8xelDL2defJYPrLTbeZKSSAQhsiNEfPdGaDakNbvjW8rThrds5bk5OvrAsBv8972Hv4ExgDAp0fMRtwUV1Seire-jJYLHRbBSkRdFXR6RQbva5rLmxaUMAEjIiM-K4E4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATlNGxEtgTDYgUAdgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 298E 0
54 B 268ms
268ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lesuf9rv&c=1333693767428&slotId=666846883714&qqid=CIqNxf6rwP0CFY_0mgodu2cAaQ&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 298E 29 KB
16 KB 69ms
67ms XHR
text/xml 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BcWLEt_c2kbVA-taZ1I_gIIZtO20NnffgyX86LiJBk52Ob8oxwpYiW37UoF7nmXLpa9XE_iLgTQG75B-l03pPJ0Qp2SA&cry=1&dbm_d=AKAmf-BgTzAO88nzngEIsL6aAanDLzi8sGggfiqZQb4ahoBTUaUgGbOfMN0qS_UD80Y9FO7odrEtLwOmA0p6fayXD90RCe7rkfqm4V2rk4bE9FSnH4SZ6ub19cCJsOgiHxUYIHt2tJ6NibU1s-St7axMXP7WHZv6jAw1gpzNRON3NqbDay_KGybFuEYsU2949-onwLCcBbwsPdh2SA4tgUEMHN6LILb4xSghuYXqIyyvS30pdaEeQvU0ueGysvStdNDrlAMQHweOZMtVXYPsp6HGjNyLkrCWx4svgOnIVvMmvxBp5dTwuhP2mhxnG3hWwy5jUtCRYtvSxPgDAsBE3T_PhpvBTOASkSi3-584fY7dQNpnR9tPLawIMom8RZt6nopTuVj-Dqg964K1F9eCn082xSGTWaHIHHgks6_JP6JefxT-h3Nmqf9MFvUgDBMVchWzWoO7bxnw-Kp4unGhv6Y2Csr_63omcYbImvYxC3xxLZis4HJGAU6GRVMb6QOAWi8Q4Q05NecjaAampj6vjxRxU-pefuAm3V94eAw4iUgPYOofFV3BMP198MgOrh4MZZ_L1uxFQDtDKbXegZRg725adRC0283Aq35SSrNBuMwdKI4yIhVdBP1kTn9o7eaXimTrIkzZaIVrVRR3Vt19IxDR2eYqrT80qMcvXZF_yAAYqGFJq22O9uMHCJn4gK8Y5hHNyGeEpn6NWRejFuVvVrKIshmSCQkdsMA96Dsb78IvsQh582oNfbcTwlbwV2lDwtZuCV1WElE1q3HiwEtZQeQN-Yi9dfoeMc04MXVxBjTpMQvXRsrn30OMOZ_2foAaUQad-wY7I3L6fASWlmgZPv3iPldqFDfKJh8QYxDOPA5iOLLhPVAWLsKzb5pMA3euIllEndsp17Lu3OcROvwoaryEN2i-OBMIfWuggerkxfzOkVmytRsxctRPXkaxRhcq7EbmDSxpFOZ3_0rzqcDsOTHmyFCK5K10kdmKXKVVBymNaAs1GlubPYrz8U3lJyloWM7bYjCaI7O33B-amSm5LCNKq9acrjDNGNWF8sEb6ks1pGafJ0AOqcPu8_GMBx2eCx4FJDWYpjEFnnWBnG4UsIRUXr_QWeXVXclre4tuhOOIiWhRRG3SxMymguLI9i-53XEOse1T0VVayS8uFmZ--MFvMUQayZvkMIgxdvp5kncFVjAk6oG9XF_3BNKrz2fweVxDu3fDjzrm7Xw46cOy7x9LlhDGgVEVu3noCCE2GXRnw-Q30r3sblDV6EvHxuK6eWwluI8I41ib2WPqYhiD-K3cdT0Nrt-iMME1r3g2h7sPw4aYTuf0pR3W5lL6JyG9bEl1Pca7Am9YsDx4GiOkQ7zhhDJ4sGJaXRvFLCd2KIR5fr3ZrO0wCyiNsy2Ko2h3_3rQ4jznIUVzi-ARCfT1oHT822DoVJeCIPsqx_0mUlqMgeqRMD2rovXk2ofxWEU7dSh2K6jJ3FCXT6P0K5wwH8CkiPmQnBwCmSXwuHkumhRH1-ekx-oX4g5-Q5bVEWKePkre8zQHGNuqcU9PFYyzzMUFRveFXOX2Wyh5mKn5jcWMmqfjaIUkMYHwIioP6lPSwiWtFI6pzEkpiWevBC5zq9vzDGmJhzEvq8F3gLH-XX08r3W3cW93VN4hMJ5a2nWccyNjxYLCS6ycz9W4PrDX1d9NbRbYcgsNi61uvN28k4CRuVq8MLiNu5koKZoLgQVaYa8rUj-rJH1mJKFVhjS8fzTjcpOazgmWeZL0-mK7T3oCx2H0AEDEGezM3YVta2cVVyEw9uM_X6nrfbYknF4UsyqB5jzSySgAqMywy1EQjAh_lt-v4U0JKDnY7kEJ2BYnFT8QOqzP1khruVHnaQYjh2DUPEDAG2zqVBRB8abeByhaGm-yaKJoXu6u0nEFBXvxB5ci7-j2n9HWtwCltlnBNq-snq2IyV5KLxYWzEJMtfY8mLiNeWdFANLr-2XfpNd918S9jysAIPSqsDQwlTYZO0jaWj6qiWO_XsYaV7oAFuFyEf_jL5gELZ_9ek0togJYchaCBkMkoxi3cYfwqYICMjSj1Lsrcy7RPEzwRYbrK5R-iQa_BLoG9_lqNQNZxYJOwHjnmN0lmfZs_fNiNi0bmtBlm7oKWL8cir57yeeoi0gzOmuTZX67yjP3iV0LpHwuTo2jUH6-gtFiRhKLNLDCsAdfexFjpqglzkUsRcGvBHhTvkC7Cr9gVdc9G-cDFYs8oEIPgdHoAJGBXbl9Vd8TqePythc5ib-hv_BFRGtiqJqfPuLx5zhRu82qzcy-JZqkQwOqbf6E1VYzH6ITrDb8g6n6OnklV1wPQ-mvl3_G9GyQb_fBwcx2-tsawA_pRKu7BZWxlpiWR5pkjBbiTwgkZ9qmd4o3YGJrnU37kIEw8LSdDPpeUJSDm-Z4Q7_LAf0PNFfnU5yLeMAuZAj_UxSzg2py93_lDibLLJ2Jr7cCBo2cyFFGM-CRhlBkaXBXFkMA1bp68fcB4yc6KVG9nZz-bmFnhMP1qsJDnJd70hMyOyjEtSWpo7_3FzbK3Ge0k1jhSr_tj3pQa5XTzjHlLHnQ_MTzLhVfFOoI4P_YrQYpvfpzL9MzpcvdhQhm-wO7UKAIDARmTi6ScrIAnr6fIN7qIQ6bS0ZIBtXI0MDCI9gQwKNZtqksiS8qCzHOZyP037YzaFevrJsv4eAiGmHrx0OQ9IwYYGJo4tZ71SSZbIqDNRCijf869bg8hqqSMZXnFI3Vpgd5GmEBJgCDdYXRamChhrU651TRpW-3nAfOwlfdJ4KUPPA6Hmib0KOP2yvxtQw0eiQ3VR_9GsZxGyzVst-Sp6iJk3cyVwvjo--L9onRvghMfVVFcBqS3UwdEzVx1WYPvHBCUyEFsmzsMWutOLtqy94_L2vkIxAfYw179h7Gu3fPNQ-5j18sVUO1v831O_mdIV3gpIF7ugdwDrxU92FXbNE1Q3X8O8DQan65e-8Dh6qgrR3Ipka0O3_OfJDryp_IM0E6N7z7F3B26hmTUApdGIqqSY85fvLtKkwWH0zlxCqchI-hksfzH-VQaGgAzFzQGITpI6n3_rkCc7SAkiMhrzV0YjhjkjLdu-GVFMYk8UKouqCi37MVD84fRuvUFiwNioIAxLgj2uszBcdYKCYkvElnc9AsRQ0ZbxPbExQtC1qVybQ25N1gKqw6iXvLguOt-A6lEQYPo6orqJcpXsxbVFrAR9JBIiVXWJQWnywROEjLmE93wrwxODi-vsjTTRHYh94G4FEFF3ASuc7bU_OZnkm_sXExyB-cSBtZQpe-YL0w8lRnRkzaANhZwNj2Xtuc72m0Y6QhdgpKYuwuTDzNLiEK75zN6xuKoA&cid=CAQSOwDUE5ym86c5C-yiSvmVa0NXtb9dPuiRRGJUmpBYvfFDgKRqnKOKfltRO68DVBINO-3MdS5aOpQa2kpCGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

5523d15f25e2e7c347f40fde45d6b708587e462cc4050e92d31316b8731e4bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16268
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 298E 0
0 88ms
87ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiXdAODYCZIqRBY_p6wS7z4HIBp_Tt9duhNrT-r4RzcvP3rkrEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMBqgSNAk_QU9qs62EKf5I_bkKI6wKNpKA3y__lN73lhpWxjZYPHanzPDTSziVwLRzBEoZiYD5pqTfgQA4SbmABmQFLrlN0K0tuPjEFvcLoBo3CSu9D9x1EMmqSBTu6DMNo4VMYV-8wuErBF-r9XoelXcd53UgJtgTzrwi1S3IFZ42xaawlzM-_kEXj7sIKf52M7iFyHltuN0GH1BnfNbOV5JlQW0myYROKI9-RGw0IXNJPawqKlk_6WVoq_DJHzF6UMvZ158lg-stNt5kpJIBCG3o19aV8TGNY0YVWktRvn06Yc0BGLqtOjCldYFn7cXwaMRuMXoAZ-dX3d3xiuy1fKY2z_nEpMc2p6rkrRrAb3fDTwASMiIz4rgTgBAOIBYO9h7FIkgUGCAMQARgBkgUGCBsQAxgBkgUKCCIQAhgBSJisfJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDe0FUYnaf83gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbATlNGxEsgTuanh4QPYEw2IFAHYFAHQFQGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=5D2_4s0OnRU&uach_m=[UACH]&cid=CAQSOwDUE5ym86c5C-yiSvmVa0NXtb9dPuiRRGJUmpBYvfFDgKRqnKOKfltRO68DVBINO-3MdS5aOpQa2kpCGAE&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866552&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866552004&bpp=1&bdt=2685&idt=2&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500&nras=3&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg%2CAD37Y7sSwmYkqfHyYWDLCumFmaATTE8CcIC193DP9p0dP5MMdk2IngS7jAMmtf74jVS3966fzNLB9ccFbt5ijuI%2CAD37Y7tk1Ju37w6o1doYB7RIgRP3THtIu-rBBiI4bh1Wv1oCVgFjfueVa4EWyiUKysnzTO5s5JG21p7599Ikgsc%2CAD37Y7sPb2PYZfn3TYKip6a9R3-Y1RP8Q23V8KGEvFUUQZmypmP6SBQezqNF1X2VsZUr56R1aTWZxzCpDysJ2uWGKfxlkxUWJutZ4IZscR5X6TE%2CAD37Y7tZkcXlt5i4AvC24napMG2wq2CiaJG2EBCWiyUwMTFkKC3650GIbUtvUhtkKR-gX-KWMRCO0vjAy3xJHhFrLPjttMK1yvUBx_bforcF&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=O0i1czYvxb&p=http%3A//smiles.iclou.com.br&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F3C8 1 KB
643 B 59ms
54ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 14:11:58 GMT
etag: 48472445140208031
expires: Sat, 04 Mar 2023 14:11:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C977 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b23239ffe48518fe7e66e5de29a4ff533440be56478302589d45a7a6d3acb81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 298E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12df6049ca9059f6897b350bbe900d9766a00c8f99c9e03daea0246b2c020e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame AC90 0
45 B 268ms
267ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lesuf90l&c=7962907168148&slotId=3981453584074&qqid=CK-e-P2rwP0CFZX0mgodqjkKDw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3DF0 624 B
242 B 166ms
165ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYhJye3wEwAQ&v=APEucNUBqKspj7OXWxxSNZTLRnO6KWxMAFcmxJ1A03rc-XUlEgLRMo-kG_uqS9vGtOhPTZt1TfTjlWxuM9P1Sw_jHf8i7QkGjx7DAIiZqaVuAEeHGwXZ9YYRfp26d0DQOXB2siADa3QTXFI7LLzxGP7iimqV6YL0n6K0fO18K8EP92g2F-GIqwg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 18:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 25CD 78 KB
27 KB 145ms
144ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 25CD 3 KB
1 KB 120ms
118ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 25CD 20 KB
8 KB 54ms
52ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25CD 158 KB
48 KB 94ms
93ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 18:02:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25CD 42 B
63 B 85ms
84ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AS1magQjHLY06CMlUeU9zSItBZ8uQQuetjLojzw9SLQOwn9r6RDd-ik8D1ZYnxRIHq4iAtNpqCgvtadoem16N-OVY_FOfpAiAyqQvM23PBiXc72rg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25CD 0
20 B 86ms
85ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4512508421281195321&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 298E 0
54 B 268ms
268ms Ping
image/gif 2404:6800:4008:c13::5e

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lesuf9s1&c=1333693767428&slotId=666846883714&qqid=CIqNxf6rwP0CFY_0mgodu2cAaQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::5e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 298E 41 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:39:21 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 298E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

230ms
41ms

Fetch
video/mp4

2a00:1450:4001:d::6

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4653CD5CEAF06EC035D22F248C175504AE757176.1C7B4E22EE16A06A5B1A896D3463CC4319DE4BDE/key/cms1/cms_redirect/yes/mh/Ut/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1677866211/mv/m/mvi/1/pl/36/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:d::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 18:02:33 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4496762
Last-Modified: Thu, 19 Jan 2023 10:11:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 03 Mar 2023 18:02:33 GMT

Redirect headers

date: Fri, 03 Mar 2023 18:02:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4653CD5CEAF06EC035D22F248C175504AE757176.1C7B4E22EE16A06A5B1A896D3463CC4319DE4BDE/key/cms1/cms_redirect/yes/mh/Ut/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1677866211/mv/m/mvi/1/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9042 22 KB
8 KB 52ms
52ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 100234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:58 GMT
expires: Fri, 01 Mar 2024 14:11:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

pixel
cm.g.doubleclick.net/ Frame C719
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIn_T6lEzZxlTgKEDy-TT_M&google_cver=1&google_push=Aa02lx8GsI92EpSzIAJPhZVHPcSSTyiIQ3erP5pmqd9iwwasVpE5LA9a0z5mAaKusSTmnj6gsMgtX2mOn5o7OFtqnmQE77_xydsaZw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwODI1ODg5Mzg5MjM4NTczMw==&gdpr=&gdpr_consent=

0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C719 0
104 B 230ms
90ms Image
text/plain 2a02:fa8:8806:16::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENIxodG0izGDNn4nzPsNt-A&google_cver=1&google_push=Aa02lx-51JaLl06N54HDMr65XaU36SKd_dUx63iLWeaIkJUM3tWpmpj9zQXCpqgZ-Tje1ZgFdoc7uhc2yRiv7vOmSAXfZRP5YxUPwhg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

i.match
s.tribalfusion.com/z/ Frame C719
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEM-keRuJPI8a2plPvD41wP8&google_cver=1&google_push=Aa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXR...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM-keRuJPI8a2plPvD41wP8&google_cver=1&google_push=Aa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjj...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C719
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDdi0fM2lYvY4r7dmk0UPcs&google_cver=1&google_push=Aa02lx-YV-QsN7nu3xYNd4GKNf2nXK5AU1lPmixUdfr7gfUO1sCCqzXvnjqkGLm2yoDhEaWsxvfLf_b4JrJsoTaLad4qBUq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-YV-QsN7nu3xYNd4GKNf2nXK5AU1lPmixUdfr7gfUO1sCCqzXvnjqkGLm2yoDhEaWsxvfLf_b4JrJsoTaLad4qBUqclse5kKg&google_hm=eS02ZWtjb1N0RTJwR2x...

170 B
188 B

83ms
82ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-YV-QsN7nu3xYNd4GKNf2nXK5AU1lPmixUdfr7gfUO1sCCqzXvnjqkGLm2yoDhEaWsxvfLf_b4JrJsoTaLad4qBUqclse5kKg&google_hm=eS02ZWtjb1N0RTJwR2xVc2o3UldRUkRSTGFmRVpPZ1hWcn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Mar 2023 18:02:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-YV-QsN7nu3xYNd4GKNf2nXK5AU1lPmixUdfr7gfUO1sCCqzXvnjqkGLm2yoDhEaWsxvfLf_b4JrJsoTaLad4qBUqclse5kKg&google_hm=eS02ZWtjb1N0RTJwR2xVc2o3UldRUkRSTGFmRVpPZ1hWcn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C719
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWk...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBa...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWklC9gOT34

170 B
188 B

81ms
76ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWklC9gOT34

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h852x6GSfdhWNXHeB1yQcB15WwNG8coeacCFzaMXazqOWBC0105I6c8oblq9sJ75U-yg88TJxF6WpA97IruyBaWklC9gOT34
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C719
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEApZJz6RSKlA_coe9LAyRzc&google_cver=1&google_push=Aa02lx-GfsgvgcTVyB24M0NEZW4U8pMY-dR8IyVYA-pVGt8z8BbO1jxgMC3mHnSiej_XdAwDkiK1ifaoadsu...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GfsgvgcTVyB24M0NEZW4U8pMY-dR8IyVYA-pVGt8z8BbO1jxgMC3mHnSiej_XdAwDkiK1ifaoadsua5W7lZd-SNjb7mAkiw

170 B
188 B

77ms
77ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GfsgvgcTVyB24M0NEZW4U8pMY-dR8IyVYA-pVGt8z8BbO1jxgMC3mHnSiej_XdAwDkiK1ifaoadsua5W7lZd-SNjb7mAkiw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GfsgvgcTVyB24M0NEZW4U8pMY-dR8IyVYA-pVGt8z8BbO1jxgMC3mHnSiej_XdAwDkiK1ifaoadsua5W7lZd-SNjb7mAkiw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame C719 0
45 B 284ms
73ms Image
text/plain 185.86.139.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKssSaNYJsVLVvRMrtScNig&google_cver=1&google_push=Aa02lx_wlQOp0eUmvCxJPt1lxn7Sxt6FASCFcbodlIO6637RkmMpKRCXHp-4-idVRt_dPBpzVIxP_AhE0FytapmrjS1WSMLiBPBaFfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C719 0
12 B 75ms
74ms Image
text/html 142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJ-atMBK_d4FH4o6w2Y0r1_6wqKQNhoYoPO-YYULGD-giBRgki5pjET8liIORXHv9dZkGm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame F3C8 35 B
463 B 194ms
42ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECvAciE-Iu6UQiRuZlIoKGQ&google_cver=1&google_push=Aa02lx-U7h9tkZzy5qyDSEowCuxsQ_qg-D8WReE4YeFz3ivd_kK-IJnW57v04PfjVBWF7kqhxoSc4rOoNvOkjE1JiXQMdM-u-5KZSQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F3C8 70 B
265 B 200ms
58ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDiMpXf2ddR93ajyDkwtYZY&google_cver=1&google_push=Aa02lx-jZsx5kjZphK-iOqTgc0BDb3h5VAIzIDkO2i_Fe_S_iqiyAcrIII1L1QlCJ7Es5Auyh70_lb1417-U3s4jxR1SlyLSDU5Ylw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677866552&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677866552004&bpp=1&bdt=2685&idt=2&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500&nras=3&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg%2CAD37Y7sSwmYkqfHyYWDLCumFmaATTE8CcIC193DP9p0dP5MMdk2IngS7jAMmtf74jVS3966fzNLB9ccFbt5ijuI%2CAD37Y7tk1Ju37w6o1doYB7RIgRP3THtIu-rBBiI4bh1Wv1oCVgFjfueVa4EWyiUKysnzTO5s5JG21p7599Ikgsc%2CAD37Y7sPb2PYZfn3TYKip6a9R3-Y1RP8Q23V8KGEvFUUQZmypmP6SBQezqNF1X2VsZUr56R1aTWZxzCpDysJ2uWGKfxlkxUWJutZ4IZscR5X6TE%2CAD37Y7tZkcXlt5i4AvC24napMG2wq2CiaJG2EBCWiyUwMTFkKC3650GIbUtvUhtkKR-gX-KWMRCO0vjAy3xJHhFrLPjttMK1yvUBx_bforcF&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=O0i1czYvxb&p=http%3A//smiles.iclou.com.br&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3C8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECwdH42QyS8dbd_zqH69YPE&google_cver=1&google_push=Aa02lx9-gxN3fkGsEVpvxn-5qdbymC3oy_etbkq-WPIFYvaWO0ug_8tKZ3ti8eL12mTftcX6soyUYr4oudTOeU...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNjM4MTk2NzkyMDQ2MTk3Ng%3D%3D&google_push=Aa02lx9-gxN3fkGsEVpvxn-5qdbymC3oy_etbkq-WPIFYvaWO0ug_8tKZ3ti8eL12mTftcX6soyUYr4oudTOeUUiQ0...

170 B
188 B

75ms
75ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNjM4MTk2NzkyMDQ2MTk3Ng%3D%3D&google_push=Aa02lx9-gxN3fkGsEVpvxn-5qdbymC3oy_etbkq-WPIFYvaWO0ug_8tKZ3ti8eL12mTftcX6soyUYr4oudTOeUUiQ0kEqdoj11AzoA

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNjM4MTk2NzkyMDQ2MTk3Ng%3D%3D&google_push=Aa02lx9-gxN3fkGsEVpvxn-5qdbymC3oy_etbkq-WPIFYvaWO0ug_8tKZ3ti8eL12mTftcX6soyUYr4oudTOeUUiQ0kEqdoj11AzoA
Date: Fri, 03 Mar 2023 18:02:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3C8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDni...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI5XTPgJeFrRuuxBBF3ZwbE&google_cver=1&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGD...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDniCZLQcKw

170 B
188 B

83ms
76ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDniCZLQcKw

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_7zaCOdMQxeoi38U3r5cGIrNQUcAOY18llcTw3B6kNWK3Z4T8DuB3DzN_xx80F_pEonla0jjyYZdbrKguES4xGDniCZLQcKw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F3C8 0
12 B 80ms
79ms Image
text/html 142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEpQmlv_e-P1SeAIAg0f-hG7_eT0LBYE_MhBInFyWV0PLmxgrZ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 33F4 23 KB
9 KB 53ms
52ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 170591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:21 GMT
expires: Thu, 29 Feb 2024 18:39:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9042 36 KB
14 KB 53ms
51ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:03:11 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7121045156231289477/ Frame AD91 20 KB
4 KB 164ms
54ms Document
text/html 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

569394e48ffb8bd1b90f841c42b921c9d6112e1610574b4dc52138b4b8583ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 250881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3755
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 20:21:12 GMT
expires: Wed, 28 Feb 2024 20:21:12 GMT
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C977 0
0 241ms
95ms Fetch
image/gif 142.250.180.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseI_YdkTiUIZzYpCncG5SE9rq0JlW7coCWtQ6B2BF6xlqHFhHNm2exhiWvliLgZa4LOuGsE6lIjZuCPUZEDZCrB_r3jsPSXms5115nX0HTvQ9yA1s9-Q0QHvdc_IBWRn5vwRgzwg4UjKPMlMoWDB69WVeBahg9r9aAkcOLVuRXw7K1FskaXSduM_qXBpZP_ZM_arsPLeIH48p7y2wSkByZ-S197EiNyiWlrzqoIxZ1aVdeoJYI-iLBabK29OTYO2p3sxuHIzKS9Oy44cmAkM0zSAowjeUeJTa0hq2LcwNhw_14VFbmMb_v5jXfF4o0IRyxFzAHwvObEIj60sbMpALUU8wfy9NUED9zPYJy8NuWa7NJLTRHBTCSrYMVkUgaNVoke241xXKgrvLBqV3X9PM7e5JjdJ_zEa0dl3WYs-tUNzAJH1jgLCLZy3rZy-ZMArfeeHgIKWif-Uzlg7cuWqEmB2DvotwnWUv3qAQeGHHDsxvDc85-hrVMwXjf5Ydk5Va8h5dp9jviy0WEy4MIqQ1Ew1egjl9EsMd8EJ1efoSgBnyMWGgvk6wdtSxLOe4DoUVXBeqLWTpxIlGTfmYYdTqoDsRtFh2INtH3WvQladYwJx8SfB3-QixUgIaz4GBl_ydM7_jngb_gNBogvLmBeqSw28KPbPqh6re2meXUtiXD6VEKiLavmWnGk_Vv8szjW5ipiq0JXkQfZuiI8lqQBGMGjMIMZAH8fiBE8BgmrtKHhCDpzbSDVBVvSau1BRj8oB1rxUSnZUFqqkXCiN8a6YlaS8LBQn3ZJy7glIsJuS_Oqt4cAI16HPNMb0TlDlN0NnFMXFdz9dn0JiVWTUowez3Fg4cmqtaJxcRqpEXT_7mT8VsmBx7POXxSITITu1r1J6cGrnmdccTn6Ewta_PXxV3objXFqybA3iSHd2CtWgVx0-Hqj6P7pFNWcRITSMzg4Cwq0LBYP-IslDBd9o4547wONd-CtUawmFRPTAZvjD_AX7Z9gaZEUPxxPk6nnqGV_PjXrPMKIl-L2vnb6fgNpWeKfq4qoIyXLYqOUhSKQ83O6tg7UamHF5Kuv1x0M88ohldV-sRNlcrE4F7r1opMEkP2UdLokbjSJ3OvilM9pc28ZT1zkfCDG3NvkyAbwBtkum9U5zIwRRdaKJ8uduizZZGuQNnp8g4lSBwypjM5KR25bpjfOqSAnDEkdfKXagCN1NyKmJzMS3Uwu9WNo1ddCpoeI6IhhW1VXI0lNSW3uexJERPh4GHvP05tOItVtc5RpW_tMyPNKp97_w&sai=AMfl-YSdbyTycjpQREtBPflsapN8lhjY0y2suDMEN6hqh8Im4x88cxRpHamRxuDtA-uOksM_vEz12pmq_sE2eo9s3oW0tGSzr5EhNkW3qDGLg2CaZ58bsQurVkBrj4G0hSYKGEF_JUKNpp6UD_EO_0acySVio0JQHq0E0jqDtnqfo_PMmPm4X1XmpWITabuO6yf9MgkZfaBpw-F4Hun5vrAzcrjpRRMA-Y2UK7IA64snEm-uEXaqTlMIYA21w2wc2136lVDh&sig=Cg0ArKJSzIl2XhM7MxzBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=428&cbvp=1&cstd=425&cisv=r20230301.12164&arae=0&ftch=1&adurl=

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Dw0RYAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 18:02:33 GMT

GET img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=3572348132;
ad.atdmt.com/i/ Frame C977 0
0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 33F4 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:10:11 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25CD 0
20 B 84ms
83ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5676320812295&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25CD 0
20 B 84ms
84ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5676320812295&version=m202301230201&ct=76&x=1&cor=4512508421281195500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25CD 78 KB
36 KB 157ms
156ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMbdEIJ3xUJ9mOiys-xYmc2ZpYlR22No0TzEnAUym-hdw6h2REm-2aQgXAmLcDVVt7OXPah3ewtCLvh59PG-buFBH6_w&cry=1&dbm_d=AKAmf-DSv48LrRv-x_fz8-q6TbvwbXDoeSBsKsxAY7_FUDK9zuCq8XM9AG890S6wkC8kxbmAvun984oOS3jzBO_FkjPdJHrmp6KagotlfXs5_KtCVHyvajyzbl3tTWWWVMfeaE9AREl8SpvHQErr06y2s2GGwL-Y5CTIaq5ChrtBsTIBRrPz9NPDZtl0RsE_SXum6_zq_sES9YYpgHOPPAFchgf5DuKDKYJ6hsjri9NANyVnPAKIS_HtCuoFSyXkgutLYv7kZBqYVhKlkOWi8W572CyLWCkRHuLM0jc2_NrMKF9u7AXA1gqiEtKrNguGBBUPz1hocQNOAqftuuEiirh5PoiVQmJkwbtILRvRX9LuOjaB_0Fc2s2ggy2Spw4ZBizy_AZnKs5BEXMwdiF3D3vBsGDxz3q5YoqNgm7LB6mYxfpnoWzr89ps2rc9dpjYPiGnNPxQQwepNoDn1r01Le6YoevYBUpc2mrBKZQfOaCuteFIIIPAzmKagKXlsd3haGyh7rwMvxdRQSyOEtHeGdZi5kcllRY7CSHnyepwAot1vUG5fDfcpJPeqKW8qJe5Wbw3NpdmfRGc9cyo9gS6hpevNBTNJicDyAfG7OcUOP-TfJ7HMq3_6igkrp6PIV8DhQHRSl-EB8SW3kJHjfxfS8p5CafrE8i8YeRKnVCp0yzXrWjKpYxq-p2Ek-7fYSKpHicpWU47o2b1ZIDEg5IUbMZ7MKXwIWMzKfHObrAbfvHlN-NaDb7nzku1TzME_s02B67cdYLu8PkxAADJuJrsZ6oAdAbK9VgQbCNnXMm3yfe0A9r1zVgwS5HJ9Gdy8d-PejXytG9bI1hAUW8wly0z9Yyz5eonNODaTmDh66ldk2lZaNLQnxYcfRF3_VQxEimDwItV_iwzznKQJdhZDN0sszEm5XC2U_tryd-eZ1wJJblgG9ejlx_NAgZvhztlftwVhDMvYzFkBWsQc0GVshsRDW9HMVHTSQcZgH3Krmr9Uwuk5kn5-nCpxONhWoNn3oWxwo4iLLUW9BLk-WU9DdlxgCozASVmQ5bZFWsuKKvPL1IVrLCTsa98qaJTdEmah9exCummPL97_HIyjgVCJHNH3UYYHL73nF-PlJCM1B4F-jPfbtj0E5qrDlSt4Zkq6qjxz_QtWLXwGLQXw9GGh_lxveGVRe5UqHRyeHLrjC-6vjXXBsj-QX2wYJvPTuMQbOvaR01mH5ZHXHa4wQ94WdXxALza-VS8o6sFFwQ_tteaZA3stdPal7mSZqheiRkoaA4Q0AQp_4hyAXkEDiFRKREtvG-oH9bD5G2IXjghfYIj_M7mP5uK_qqqrbgJdhJVYhyjYAt3QfOq5ojDRlCotwJx84aqw_uftv6n96cconAI1onl3YtFbPGK0IKBOLOHkYDk_6NUDH5y9h0oQJ-fldSE7U9O5rrNM-vm4G1TwHkqvrpK7nQk6ASG60LBr9lju6d2hMNl5hGX59MRGxqWXrIeaN3RDpPBRDqEBHDc_CDjuL3My_F_BTW6x6s9EQeEyvpB1Wr_WtDHz4nPwVkui7XMewq7ysuAA-MI3mY2VE6dCgKtmuIBCq15c-a8VuwsKcxWfXQda57HepQIBKACUD4J9WurAuIhBHgtSZyJpKJse5Fz9BPtoLGfcWVK1k1zHnS3Wyf3MRWcXOcWB3M961r9f7X6D-QKvjoJe13oizYpU7SkjbnJkZVp3wQQAtgPqjop9tnDRkqr3PpMDg9dMxQOCUZCbFvcYmZ6TR82kgXFU6N5dip58A6VPlmBdKTBFXzSWkCdeHb-WxY1I2pIH8FholrXUEVIZ4CCOhEBL0jxF4Uy7QTrirkFRVX-Y9aGk9MUvNQRqA52caU0cv8mD78oLx_VrGwpW22rFUfI97fei6ivuipm9ezi-NTjuVFKShEQ8rTCdrcmv5Pge4U3C1sOoMpniJU_QCMPV_-v2OFtDQG3pWwVw7vf27uH28YOGkuqG9nizTpOhusNlY4MBQEIAJ39nt6Xj-O7fL7OQMLjsHS7TMVU9AIy7m0o5dBz6kksi94kniK7yEo2DJRbj0EbdYyJ9S-j7-rxmurxYdGeepzRp9Jn2nRSC-cohhAfsPfTzQZ_G5NRbVo_39XyHuERhvWGp5GuCwJ0zOuwzljk-WMQol8foruHOjaGUqLbCu_09H5qQuuj9m0cJsIGEs33WkzCGFj81SKL7XDNQXmt7Hccg-N83eik4h9OW0ZMgbHMOfViXZtYY7oIyhRbHqKL2Z9nHpYetBUuHSdTvtTWoEs5OJCsiF2UF1OSW3badObCwWZacC91Kb23RxIIAhLBPwNBkZ-XPkvsIFO9--dp13UGYLCFeEw3dHLD46CJI9dQdwB35sqUcwOLcY25O1I221aop_1SpeaoirohIWz6x1HToPePl2D1WOjNW_crhn1AEBhmvvo8wlQ8GBQ3tm1CJC65OmWQhJM57IfRdi5SAsse-koqgIjh6d_LfRV1C6tfluGk6eo40Xt0Gdj5kWTHiL7OQAWmDlU9NwWcWDV5IAXKQwjI56lJgHUR1YHRasBzzzdzTSZx5u9Y4mqVt84sWE3ryECR_NL6ucGOQYJLlWq8vu_FlNo9_F_c9ekEUAHOLIPac4XBh6IKfqUcXzp-PfPyqBvZgpd6D6QfZmFoXtA9567m5AeGTzQV52QDcmtAHt_dmv3s5siLu0HH-FeyZTM7qwyaWi2W3vvCEpBl5s1J1gTPiv4PO-iitseOjYno0popEl5JyXo9QCZP9wHYM0hqH3dLcgIWqlfS10SBhS1Y8BzivRt7x-EMbHunDr9njxUW5DUVNuHlPOh4nONBEHdtAiUSSL1PdIzWZZh7vrg0GffZ3ek0jzQQMQfEE2F3NFdJlYLoo1RXVy0Pk_bnvbpleir0wGpIvrfQ8pWYHzOCwv3gzu_tTsoZ0F-EBC9PARvorHNE_I3hXPcKMEuOlxspmWDYSfJpAJuSvSstMtnjE3_ASxsfWVFl6vjhxLb4y0l_YYtI7oAPs2Zx_x8Nl7J5aiJ3XLkwCjje9ilu-1ARVlj-RPndhrWVMoQnWZyyzXs3m0K0kBi4dGp3SfuoXhHpPuCUb9IPCrWzhdo2QoaLXDIf8haXQKFr60rUIgRIQEoyMmJ_eRAC9onsVkLWawUQblcIv17sJqg7Jc9YjnoIcNkDNFwcyGn_-bnxrCHjZbkEed3cuNFlA98VNB8VqkhNfYypFiP8VSRjmgMIT69Vjbdf9DLKISvGpwLZov5GEpwCdd06Ck3SyJGv7KeutHZMJBL4TUnD1peB5ti45NjrFf3ZSO0krH7UYalQ7U34C-jOYHcOOxZIUqbpVut8iWYUOadumBpUcom6iXm6Yz0rMJMteRhZA_qZ8nRzv5QOhI7ItnrEv9-Pu2nkt6thuge3E9YJXc4X7auKGuWeVrZCIp64iQJ_qzmqkf2D1GCYGvCtfyLSt757tQAT_EF3Fc6a-c_OInyY3JkOWbmJTDb_YHXRSyc9kS8&cid=CAQSOwDUE5ymrBBTPTLpkJo2hUXRmTo5JmL_A89RK09R6ODJDAw-NN0BEBqo3uo8MLRLJeoZXWo0hoxDvN72GAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsmiles.iclou.com.br%2F&ds=l&xdt=1&iif=1&cor=4512508421281195500&adk=1726166460&idt=166&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eb978f999a9d18518d6bed354a2941013a27c3c4e340b1618bd9bdd30c1372b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36694
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3DF0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1

43 B
766 B

53ms
53ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYhJye3wEwAQ&v=APEucNUBqKspj7OXWxxSNZTLRnO6KWxMAFcmxJ1A03rc-XUlEgLRMo-kG_uqS9vGtOhPTZt1TfTjlWxuM9P1Sw_jHf8i7QkGjx7DAIiZqaVuAEeHGwXZ9YYRfp26d0DQOXB2siADa3QTXFI7LLzxGP7iimqV6YL0n6K0fO18K8EP92g2F-GIqwg
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 18:02:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3DF0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAI2OB1G2.9LALoLtarN2AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1&google_hm=2

43 B
632 B

46ms
46ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYhJye3wEwAQ&v=APEucNUBqKspj7OXWxxSNZTLRnO6KWxMAFcmxJ1A03rc-XUlEgLRMo-kG_uqS9vGtOhPTZt1TfTjlWxuM9P1Sw_jHf8i7QkGjx7DAIiZqaVuAEeHGwXZ9YYRfp26d0DQOXB2siADa3QTXFI7LLzxGP7iimqV6YL0n6K0fO18K8EP92g2F-GIqwg
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 18:02:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaa69-IUfdVc_3cvkiTbi4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3DF0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBn8WgeKS1D0ncQ6nJOQ1_U&google_cver=1

43 B
1 KB

46ms
45ms

Image
image/gif

185.89.210.153

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBn8WgeKS1D0ncQ6nJOQ1_U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYhJye3wEwAQ&v=APEucNUBqKspj7OXWxxSNZTLRnO6KWxMAFcmxJ1A03rc-XUlEgLRMo-kG_uqS9vGtOhPTZt1TfTjlWxuM9P1Sw_jHf8i7QkGjx7DAIiZqaVuAEeHGwXZ9YYRfp26d0DQOXB2siADa3QTXFI7LLzxGP7iimqV6YL0n6K0fO18K8EP92g2F-GIqwg

Protocol

HTTP/1.1

Server

185.89.210.153 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 18:02:33 GMT
AN-X-Request-Uuid: 9154eb9e-5e7d-490a-89b3-1a7266a11ca7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBn8WgeKS1D0ncQ6nJOQ1_U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DF0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D

170 B
188 B

92ms
91ms

Image
image/png

142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D

Requested by

Protocol

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 18:02:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 78100827-f65f-467f-bf62-4138e10637bb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMzE2Mzg1MjkxODA0ODYyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 e5b586feb69ac93ff6d37075693469bd.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 282 B
230 B 57ms
56ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/e5b586feb69ac93ff6d37075693469bd.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3f314aa5110a0783d17f09e7fc1e5c8ba69bcc6d87679922e41bcef7a5af9aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 01:15:33 GMT

GET
H3 200 45de386729dc6ad7d42bfa448374ecd5.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 31 KB
1 KB 58ms
58ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/45de386729dc6ad7d42bfa448374ecd5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a330369a99bc81779b396c1fd114747e7d50f3aad10e9235f1b0c807e0b33bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:30:27 GMT

GET
H3 200 cf4af5c5fef37407a2e003c662a699e4.jpg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 24 KB
24 KB 64ms
63ms Image
image/jpeg 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/cf4af5c5fef37407a2e003c662a699e4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

afde7beca39af28ed777738ffc0251a808b7b1b0c20e4186004c1b0d32a1c33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:19:09 GMT
x-content-type-options: nosniff
age: 179004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24080
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:19:09 GMT

GET
H3 200 5dad52ba14e40f85bdbb414ec1c24469.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 814 B
462 B 77ms
74ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/5dad52ba14e40f85bdbb414ec1c24469.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

06dc7065967df9cd6a967cc1a90151067f06ab671582a59a2775714f8faac134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104155
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 433
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 13:06:38 GMT

GET
H3 200 c4b893068b3e773ac00a6c6d5aef59ea.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 5 KB
2 KB 96ms
94ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/c4b893068b3e773ac00a6c6d5aef59ea.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a3b6e5ff21f5497e89839cdd4a974c17ab34a893c8f3d75e4abc31bd141e9fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1797
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 10:36:32 GMT

GET
H3 200 5936ecfab3903a5240efc1ee8b530087.jpg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 33 KB
33 KB 78ms
76ms Image
image/jpeg 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/5936ecfab3903a5240efc1ee8b530087.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2411b9ac9d1a93302578327cb5f355e76048f19a7060246da905918cc2a07440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:26:34 GMT
x-content-type-options: nosniff
age: 102959
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33613
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 13:26:34 GMT

GET
H3 200 1b9dc34d508eafd3365b80c3035e2a09.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 834 B
463 B 96ms
94ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/1b9dc34d508eafd3365b80c3035e2a09.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

192f52dbe5139513f29e6371157c0231520b2b78da3764855ad22d9f3def85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 434
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 09:08:16 GMT

GET
H3 200 1772b75152963a18258867fa4749aa71.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 147 B
172 B 77ms
75ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/1772b75152963a18258867fa4749aa71.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

df4668564d19864070038f32a8dd0823fe46c919e651cfe913c364907c79fd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 12:50:12 GMT

GET
H3 200 04c48ef3d802d19c25d08572eacb5b9e.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 6 KB
2 KB 100ms
98ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/04c48ef3d802d19c25d08572eacb5b9e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

da5709cc3f5a03dc663cfb76800465a83284624e201a205a30edbf8d3f5a4157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2213
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 09:02:51 GMT

GET
H3 200 dbe247702dc5cff6049a03adec6720da.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 2 KB
920 B 98ms
96ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/dbe247702dc5cff6049a03adec6720da.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

01fa2775bf913e662a2e14a23f71d03b30ea343b637c82f9cb9877abca81ab55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 891
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:19:09 GMT

GET
H3 200 18b024f8507674dc99122cbde53b8c7e.svg
s0.2mdn.net/sadbundle/7121045156231289477/images/ Frame AD91 3 KB
1 KB 98ms
96ms Image
image/svg+xml 2a00:1450:400d:806::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7121045156231289477/images/18b024f8507674dc99122cbde53b8c7e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ca0c156193ef6f178971f94238a7573a63a4b36d1935a24673dc0c4efeb5fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7121045156231289477/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:48:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 20:17:55 GMT

GET
H3 206 file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/fe3af6f64ed30818/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 298E 162 KB
0 89ms
40ms Media
video/mp4 2a00:1450:4001:d::6

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 03 Mar 2023 18:02:33 GMT
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4496761/4496762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4496762
last-modified: Thu, 19 Jan 2023 10:11:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 92AE 42 B
0 195ms
87ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-AciMa0v-AQms_3fgBx1hNL4fOBc34WmzjbgqZyeV_XUBPY6WugxE6nSAsOnBbTkI20l0JpJ-SuSnT5yRoqHrygmaq1_qHq-1gJdq5i2z0EUXrPtnNlE7ye7dwYJaXt1PEyJo0Q&sai=AMfl-YSyFDjb0Awo4cbXarKpWONKInmKG6jGtBGp4cTmof8O66okv8Du9H6D8U0dHfg-6t28JlRk4GAUao8G&sig=Cg0ArKJSzNzs0k7878-FEAE&cid=CAQSGwDUE5yma9xi-EDESkefNrUr7AN1KXapPWsV7xgB&id=lidar2&mcvt=1005&p=0,0,124,1005&mtos=92,677,1005,1016,1016&tos=92,585,328,11,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1677866551700&rpt=388&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B1F2 1 KB
643 B 57ms
55ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 14:11:58 GMT
etag: 48472445140208031
expires: Sat, 04 Mar 2023 14:11:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 25CD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5d97b1a999d982d377172157551b35ce4adbe1a439f1535b911c35def69456f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9042 0
20 B 91ms
90ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz9m2ODYCZOP4ENDsgAejnoiIAgAAAAA4AeAEAg&bg=!RUalRhLNAAbv3-2Ez987ADkAdvg8WiadR0GZ8oxPc10swKF5OZ1EH75dqh47Oe_AZImzuwEcCpcjd_45qkCvh5HTpNwgsbIBMhICAAAAtFIAAAACaAEHCgBQ4UwK1jsMyp22OzvELRYCee6jZYJ8XKRvzBc6qd1zb55Wx5MDOleBg3J5hjSu8u8-YbVV15Slz88Dd6pd7FxpUr8L4hKEmjRsFyo_4a2s2BCZAtzg8l1j-v5Zqt-afwELbPhUicxNb8J-Abc3vNUvQpwEW7i_sxro88KmkwQneMrisOZEjIvxgZKrp76Aqrxv5IMjExsxtlpiWmbVFHE5etVD6AD7RqBIVVhEtY9yvZeTptq1sh8yaWmn8t2POY0e-XpwXfQ0OJAEU91lSOA8vgYp2FoPnksPNYdYsmCQgWl2yLh7_4dprTmEcFkiLhwWZsQqD8Wv4kh4iorYFJIhzSBGLbEPgF5Ah3ws6zfxQRvEKoptsRVCV5sE-idXmKrnMlsE-V84-IjAl3A6jea_VKkkSXkgCN2POmObV52lVvGbOzKO5jWEqedyVciJUNCz8CBH24xwu-HnQzFJbnA8OPdAQMvA3-hwQBjyu1ePOPa1AzEVOmubJ4AGdxlBIBHIIdq-GyI24CmN2Z_tNJMVP_2B54XX1KMWEr1Fx0VLdBPXmus0SSKIzJ0ZcoEq9KpR3e0TOunZeKXSYgkjfShom3HV261Rrp7g6ZEdfHO-t-K2zRQT7QBiVpXEdfMsb8YfR1QLq8Y6yvgKwpOwrTmlTrxW-kmVQY-x_-AZcqLLNxTExCbeGpcXrAcrPSgkUAwQY3Fvi7qD0U_mGAQ7pRWI5O9K2WSQJ8iVg-r2A2zEt1jX-cjkg-ExmGEgwhwjWpWAyx3m1wlE4Xksrso93ZhSo_DFVw6QF6V8l1cYRqL2aRAH11wD_RTZ79qw5IzU8IEcLC27b-cU0bH9lABgBbZ54ZkztmtfAFHABnO0qnWQ5Gvd-jdwHS3SJX_f6AjT4ul91aJuaAWybYWhapL5t98zrJbWUmmDhZ3BxWQe50ZIdchXAjAqTo9P4o3E60dW3YHTxNt4nqYvJX58lY-8S8tpSKJA32_s6fF-fTztIHFQEZ_jKGGVRFuca8UDLek5VKxh340uISR4jvLkd_cqC2TicS-9lWCaiV9Z7_-L-aGXzGLoKyZQxvnYuU5QzFA1bsg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2156&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yVqhSKQ1sU&p=http%3A//smiles.iclou.com.br&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B684 42 B
0 117ms
87ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdDW76nbFQSWOa2gkvm15I-_bo9q5qYYL8ZoASmxDx9kW2lqqeFJ5Su7tOlqt-MG3lh-V6IobJbIwzKuKf0LR3KoGdxhOuSRMsBlACJ3kpDFn-dqvB5VGep16GjsiPzAoWMXknzg&sai=AMfl-YTPVKZ45u48XnslyfkWdmHpgzoJj5BGjTyp5ilPAYDXMdmMW4zBaJ2uRbeFexCdGI_rFR1f9ZrZXKKc&sig=Cg0ArKJSzA-Xp3F8LSjCEAE&cid=CAQSGwDUE5ymA4aym-0ofv1aGaBQKsRHQg5zHbsM7xgB&id=lidar2&mcvt=1036&p=0,0,280,770&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3582736694&rs=2&la=0&cr=0&vs=4&r=v&rst=1677866550335&rpt=1818&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C977 0
0 90ms
89ms Fetch
image/gif 142.250.180.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseI_YdkTiUIZzYpCncG5SE9rq0JlW7coCWtQ6B2BF6xlqHFhHNm2exhiWvliLgZa4LOuGsE6lIjZuCPUZEDZCrB_r3jsPSXms5115nX0HTvQ9yA1s9-Q0QHvdc_IBWRn5vwRgzwg4UjKPMlMoWDB69WVeBahg9r9aAkcOLVuRXw7K1FskaXSduM_qXBpZP_ZM_arsPLeIH48p7y2wSkByZ-S197EiNyiWlrzqoIxZ1aVdeoJYI-iLBabK29OTYO2p3sxuHIzKS9Oy44cmAkM0zSAowjeUeJTa0hq2LcwNhw_14VFbmMb_v5jXfF4o0IRyxFzAHwvObEIj60sbMpALUU8wfy9NUED9zPYJy8NuWa7NJLTRHBTCSrYMVkUgaNVoke241xXKgrvLBqV3X9PM7e5JjdJ_zEa0dl3WYs-tUNzAJH1jgLCLZy3rZy-ZMArfeeHgIKWif-Uzlg7cuWqEmB2DvotwnWUv3qAQeGHHDsxvDc85-hrVMwXjf5Ydk5Va8h5dp9jviy0WEy4MIqQ1Ew1egjl9EsMd8EJ1efoSgBnyMWGgvk6wdtSxLOe4DoUVXBeqLWTpxIlGTfmYYdTqoDsRtFh2INtH3WvQladYwJx8SfB3-QixUgIaz4GBl_ydM7_jngb_gNBogvLmBeqSw28KPbPqh6re2meXUtiXD6VEKiLavmWnGk_Vv8szjW5ipiq0JXkQfZuiI8lqQBGMGjMIMZAH8fiBE8BgmrtKHhCDpzbSDVBVvSau1BRj8oB1rxUSnZUFqqkXCiN8a6YlaS8LBQn3ZJy7glIsJuS_Oqt4cAI16HPNMb0TlDlN0NnFMXFdz9dn0JiVWTUowez3Fg4cmqtaJxcRqpEXT_7mT8VsmBx7POXxSITITu1r1J6cGrnmdccTn6Ewta_PXxV3objXFqybA3iSHd2CtWgVx0-Hqj6P7pFNWcRITSMzg4Cwq0LBYP-IslDBd9o4547wONd-CtUawmFRPTAZvjD_AX7Z9gaZEUPxxPk6nnqGV_PjXrPMKIl-L2vnb6fgNpWeKfq4qoIyXLYqOUhSKQ83O6tg7UamHF5Kuv1x0M88ohldV-sRNlcrE4F7r1opMEkP2UdLokbjSJ3OvilM9pc28ZT1zkfCDG3NvkyAbwBtkum9U5zIwRRdaKJ8uduizZZGuQNnp8g4lSBwypjM5KR25bpjfOqSAnDEkdfKXagCN1NyKmJzMS3Uwu9WNo1ddCpoeI6IhhW1VXI0lNSW3uexJERPh4GHvP05tOItVtc5RpW_tMyPNKp97_w&sai=AMfl-YSdbyTycjpQREtBPflsapN8lhjY0y2suDMEN6hqh8Im4x88cxRpHamRxuDtA-uOksM_vEz12pmq_sE2eo9s3oW0tGSzr5EhNkW3qDGLg2CaZ58bsQurVkBrj4G0hSYKGEF_JUKNpp6UD_EO_0acySVio0JQHq0E0jqDtnqfo_PMmPm4X1XmpWITabuO6yf9MgkZfaBpw-F4Hun5vrAzcrjpRRMA-Y2UK7IA64snEm-uEXaqTlMIYA21w2wc2136lVDh&sig=Cg0ArKJSzIl2XhM7MxzBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=763&vt=11&dtpt=335&dett=3&cstd=425&cisv=r20230301.12164&arae=0&ftch=1&adurl=

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Dw0RYAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 18:02:33 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4524 42 B
0 95ms
88ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstV4jHnXqHc0dZsRNJbuY7BXOrOQ0uPs5cJxEFHZlD3KMpF9B6HxTip-lhyoo4ebRg_rvMNKbEZIO3kc1BFPQ5oqk_JNA7DSEHmVGpX8HVsBHuYKtxN2PDDPLDBOhgbCx2NxyIzAg&sai=AMfl-YSZS_Hf9ZOpRS57K-qlkTOmE4IDoqH9nirB1qAHrWVadZO2VEpwTso-nLdESjoOyBXrRmoCVsA99kuX&sig=Cg0ArKJSzKcL65_2cVaeEAE&cid=CAQSGwDUE5yma9xi-EDESkefNrUr7AN1KXapPWsV7xgB&id=lidar2&mcvt=1011&p=0,0,500,180&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1677866551711&rpt=426&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 169D 42 B
0 94ms
89ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI41gtnw3LA_XcrhGBO4ak1WC_auEi9i5Eq9QB6ifGW7KQwmetoLSwOGVGggfRWhhEykcYDQ1mtePw_EOCM6AlPC-ezypfPVQ_5AKZaVBPlFUk-06iojCTcnmF523JVyENXGtSxQ&sai=AMfl-YSeYtG4wv8BneW237AnjFxD8e01UDO3dxww_Ig1CVys_A7pAG4qD6_yc2GjQwZQzEM8DkBr0xqKsa8L&sig=Cg0ArKJSzBO53eJxw1VmEAE&cid=CAQSGwDUE5ymg280OXO0sQwDj8cx-7aGTIOatGZunBgB&id=lidar2&mcvt=1013&p=0,0,280,336&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=291284351&rs=2&la=0&cr=0&vs=4&r=v&rst=1677866550347&rpt=1857&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33F4 0
20 B 88ms
86ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B1lwsODYCZLWhKdOe7_UPg4OToAkAAAAAOAHgBAI&bg=!qKulq__NAAbv3-2Ez987ADkAdvg8WqUGp_CmG1rPDfPTcmyHTNKAPSjP5EWyvxM4VtrZE0f5hWVUTu33F3YM2QqEB2l2YsmCxMcCAAAAvlIAAAACaAEHCgB81s4VstePM38h22jKviV6YyzZfQIPKvo-rSdZ3Q6fu7byE8gbDAObkAUyNms0oXdHbmiJdGZeClBQ23zq2MX8ziZniI7GaAqNh1fyIwDu86btks0HdYqgf3mi2lAJ_bkheXK8V4dRY4MdOWGzdWMzSa3-gQtS8s17oQnuOpkCyU3pce4majrDtGFIcFDF1mYYUkL38XyP32gqjQdxibJP0tWS8P5nSvCT_iqOURW0286tlFNaxnFtuGCQ4ghWl0860jraW6_7TIJFAF_98xz1QJ4pzAoQvxP7kS7-tSS0PK72vzixq1JzoEU1n4RQOwT4vZfFVo1If_vKygopxuqDJ9j4WkaNjgS8M7JnCfnQMFnsakU9d9I-HqYxKx1pTypObsVmxeTDKsTkVmbJPb1ymJrEm5-oNANsV5PmeX2RE1tTzd1KpKrun4Dh7pEnCCkY-VyS7BEa7m8bMaj7fHTKaSURE3oV9G19EL8KxfdcyD3dG9aEXup9Gz7n2P0mLJ7kFYvmykHWA4XhEt05oFR9X1nVOhr5rpBYEwZXBKf33UfkacYyEHEbop3nrXd78tgaPi6iHctt3i1G2IDK1ru9baQk4Qpjdd1Wqyf9Tb5vN1FoQxmA5F88Vode95pJC-sVwu7CTsQz9DWuH2WCBPXtrQqwIHjuxXrS1PCKepcgg5S3FDyUnn6RE265W3Yqn10DXZFuBk8UBVHEXK5rWhIM9pp0J2VlgnLuo_n5XQS_N-0j_lOnmcUCELn2Wi2cK9elQqH1IrSIV4aouM2Olp2uAw5hvFlG-A68nj8ykrdGg95TMjC8lZhLKNmeSdH0pZAWZ1IszequJBAErT2iAFtEfFxPpfxDDfalPzJ91wUSFuoq5LGQz3OpRhmj-w3h8eQY2YgQhhIdeOmad6caBpQSTyp_5OrXTEWsYHEVrEwnMZWlP7Dgs2fRjF3KnsyeJ_dkfsnM7dEgFpVG29OfPSNvb-loFn1NYe6F37siJvkJiic6MNxvMHXikyKxiEHeSJirbNxv2ML9X1x-OhBjTIRYE1BxEZ_IIDVSHON9auU76SYxcruanCc4uc2jn1NkrUoSL6jKps2zBM0ViVGO6EiB0a-2gzRSijTN

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 18:02:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame B1F2
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI69440rGnLTrKlvoGzWV04&google_cver=1&google_push=Aa02lx9AbBLSMZyXcaONsBTpZbHbz4CW-doHjvOeD-MJjS7dRdEle4rKvN...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx9AbBLSMZyXcaONsBTpZbHbz4CW-doHjvOeD-MJjS7dRdEle4rKvNsLbQx6yzQoUCweULORyHcD4-1pHdOSVAIL5EWwXB5a&google_hm=UN4AoYaCTVjd...

0
0

GET /
d.agkn.com/pixel/2175/ Frame B1F2 0
0

GET s-3614
e.dlx.addthis.com/e/a-1189/ Frame B1F2 0
0

GET dds
rtb.openx.net/sync/ Frame B1F2 0
0

GET UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B1F2 0
0

GET sync.php
pixel.rubiconproject.com/exchange/ Frame B1F2 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame B1F2 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B1F2 0
12 B 74ms
72ms Image
text/html 142.251.39.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtoDY3341ZeWPFzR8mYKW4tVA3dXbzJDwTIst-XuCB4-Rke9stqNBh8znL8FTntMlJZ-JL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677866551&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677866551476&bpp=1&bdt=2157&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D734af4ea5b846fb4-22c211a541dd0012%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw&gpic=UID%3D00000bbee59453df%3AT%3D1677866550%3ART%3D1677866550%3AS%3DALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=6423860147406&frm=20&pv=1&ga_vid=47454080.1677866550&ga_sid=1677866550&ga_hid=1435441945&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759842%2C31071642%2C31071755%2C31072620%2C31071269&oid=2&psts=AD37Y7tn4VeQH3X8A6bcd_7Ig-Zt41vRNRDEOsLYf1Xf0Abh69xNNuVPp6HV-2ByBM54LOFCQcltoV_2k8ZplY5TEg&pvsid=1132299879233721&tmod=1780838314&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qNFb77EU19&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 18:02:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST printData.php
redirecionador.info/relacionados/aereo/ 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwODI1ODg5Mzg5MjM4NTczMw==&gdpr=&gdpr_consent=

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM-keRuJPI8a2plPvD41wP8&google_cver=1&google_push=Aa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXRMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx90JqgUaV2lI8-uu1GNQs_LZQSdxWJ6CtzChtfw39OVWCm3NSCW0fcLPTgXpee4xaANuNVxsTBqsI_bBcgrdIBLoLgexjjXRMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=3572348132;

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx9AbBLSMZyXcaONsBTpZbHbz4CW-doHjvOeD-MJjS7dRdEle4rKvNsLbQx6yzQoUCweULORyHcD4-1pHdOSVAIL5EWwXB5a&google_hm=UN4AoYaCTVjdtj5PSV4hgg

Domain: d.agkn.com
URL: https://d.agkn.com/pixel/2175/?google_gid=CAESEKCkpgKzLDrGiXfFzpQ-_e8&google_cver=1&google_push=Aa02lx8ZP7bDzhdBgpebWYknWhxn6SzX6iSovno8weuE17qaNRJEV7lio5Jk6hpPcTpEHnHapHC9LAtweWj6-f_KqB3nmvWo7jEq

Domain: e.dlx.addthis.com
URL: https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx89DeHUXaf49dzTPEZccUFDX6fwgP0g4Y4FryeJZLZNmmX7pYIQY9TJINPW3Tcp2smGeCetmak5LyjCyc1RqJSWW4xgcmGX&google_gid=CAESEKTvJ61PFH0hxhrxRBBK4sE&google_cver=1

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGwKXel9O_VyW7RyhCB2qoM&google_cver=1&google_push=Aa02lx8k8tTomeesL6_yV9lRuaz-i2Q1Cq4UoBA1SN_o8MLqZw05GVGPgamfcHgJXukASz8VxYzuWN3zIU_23zzzVcKG_0pEUsxn

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAmNPs0k55g-L7ODRXYInn4&google_cver=1&google_push=Aa02lx_TXoBRq7bRPNhd_Tn5QNyUExDYTV_K-Y1uMCHWKOVATB-zSrxbBGivg7cSlqWAkDrZeIYaXzMiROO77zooCkecEuAYAuAp

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKKCA4bdS2JItda8Ns4Gzdk&google_cver=1&google_push=Aa02lx-vivyr-TW_jRgWkaufmAk2UEkvCoB0MXSsjPbfQsMG9vHiThTBqg_nAhY8x4nCQxhC-0HUoCg9fdYnIMV-qZ37uadNWiQ4

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECvXke24NOZk7WtYrAaNk3c&google_cver=1&google_push=Aa02lx_aJHYKhe-2Wjjo0FW0T_nLakD2PZc8Bdttn5UyFzRoSnQ9uHk3AOo97bTyhdigzh6x9rnTD6N3gdFuNqvfPEIq_dlPO5Wj

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/printData.php

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iclou.com.br/	1970-01-20 19:26:02	Name: __gads Value: ID=734af4ea5b846fb4-22c211a541dd0012:T=1677866550:RT=1677866550:S=ALNI_MZjN5aRIgVoRwpWX9kEzuio6nk-Bw
.iclou.com.br/	1970-01-20 19:26:02	Name: __gpi Value: UID=00000bbee59453df:T=1677866550:RT=1677866550:S=ALNI_MZGkHI_XzMcKZzXlTdTaLn51MKRpw
.doubleclick.net/	1970-01-20 19:26:02	Name: IDE Value: AHWqTUluZDYOA-A8RSzfKQF5KnLyIEhkpEO1iG8WWz5oqtBNOtGIWIcVuP46ibm4-ok
.doubleclick.net/	1970-01-20 10:04:30	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=3572348132; Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.jsdelivr.net
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
contatonline.com
cse.google.com
csi.gstatic.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r1---sn-4g5edn6k.c.2mdn.net
r2---sn-4g5edn6k.c.2mdn.net
redirecionador.info
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
smiles.iclou.com.br
smils.com.br
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
ad.atdmt.com
cm.g.doubleclick.net
d.agkn.com
e.dlx.addthis.com
image6.pubmatic.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
redirecionador.info
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
13.58.124.244
142.250.102.156
142.250.180.226
142.251.39.34
185.80.39.216
185.86.139.103
185.89.210.153
213.155.156.166
2404:6800:4008:c13::5e
2606:4700:3034::6815:5f5f
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:d::6
2a00:1450:4001:d::7
2a00:1450:400d:802::200e
2a00:1450:400d:803::2002
2a00:1450:400d:804::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::2006
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:807::200a
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::200e
2a02:fa8:8806:16::1370
2a04:4e42:400::485
2a05:d018:d29:3602:9716:bff6:4d3d:aff2
35.71.131.137
5.161.90.154
51.89.9.251
85.114.159.118
01fa2775bf913e662a2e14a23f71d03b30ea343b637c82f9cb9877abca81ab55
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
05e223fbe6c08feeaeaa01d0b922b4f7b8245272a28f2c8036e6373c194ad6c7
06dc7065967df9cd6a967cc1a90151067f06ab671582a59a2775714f8faac134
0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12df6049ca9059f6897b350bbe900d9766a00c8f99c9e03daea0246b2c020e94
1326ce9ca289bcdad7489f3aaa9bec025fed0b3061e558d43f6bbbbe1c4666c8
13452f6f4b6457bd22e00d4bf3d1edf3efee95f04d759718a4d3fd6dfec3d096
15e2aee274954f17977d75721fc4b0700a4c972e285195e7b44b9307e64a17dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
192f52dbe5139513f29e6371157c0231520b2b78da3764855ad22d9f3def85c0
1dc300ad27cf763c0f0063459213ef6ed3e91f4283909b32dcb2cd6328139781
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e09d4ccd732fa47da8eb7eb50fba480e72756bf799e9a03b5e897dfa5f4049f
1eb978f999a9d18518d6bed354a2941013a27c3c4e340b1618bd9bdd30c1372b
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21c55d7f44b3250c7243627771305fbaa0f1fbf7ecde82865a3e33a9d4d17357
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
2411b9ac9d1a93302578327cb5f355e76048f19a7060246da905918cc2a07440
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03
30fa01cd206ea32c9c62f03c9e3781a483ebcedb63c83bd8ed5d5363c8175f61
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06
3f314aa5110a0783d17f09e7fc1e5c8ba69bcc6d87679922e41bcef7a5af9aeb
418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5523d15f25e2e7c347f40fde45d6b708587e462cc4050e92d31316b8731e4bf4
569394e48ffb8bd1b90f841c42b921c9d6112e1610574b4dc52138b4b8583ac6
5b23239ffe48518fe7e66e5de29a4ff533440be56478302589d45a7a6d3acb81
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
652799bc78890e96d4f9a781c94b2dd548a1f3bd518ed8a4a4d0c1104de5e362
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
66cebde0f7bd64bdad237cbd413b0c0868d1261b3552a7b996246573153464ff
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6c5930653cbb87e95f3501d804c72f1a050d469663a7a492d09e136099333b10
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6ec70a3daaf44785b4e0419fede515a97ac00a951b1d410881344f85a27a7b13
708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf
7a669ebd3084aafcfbdee9e8baf522b714c4a517eaba6db04026b23fde6eeddd
7c2c7484f1c2b40f0438ef572631d0bdddfe82137e5c8a727e8997ff11e0f3ed
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb
83f2458b1a0b08e9f5732e3b0316f3b8ac618e28a75d00aeda6e6014e719f93a
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8ca0c156193ef6f178971f94238a7573a63a4b36d1935a24673dc0c4efeb5fb9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
97216833c4b179d99561e8d7690aca967286ef9e6c61180b9d1a2fbd24ef8d7e
9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9bb6d832c5365641d58ce3d09c4aec5ad5864fc8d10e2742d518f91a3f111cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a330369a99bc81779b396c1fd114747e7d50f3aad10e9235f1b0c807e0b33bb0
a3b6e5ff21f5497e89839cdd4a974c17ab34a893c8f3d75e4abc31bd141e9fed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d97b1a999d982d377172157551b35ce4adbe1a439f1535b911c35def69456f
a7c08902b4fc94156a09fb46bfa362cd3b236df6257a71b0cbdaf018e5a7bd08
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
af0098f9fa5d18ef5b7996ae5ea98a94b4252c1161bcca4791ebfdd0e219881b
afde7beca39af28ed777738ffc0251a808b7b1b0c20e4186004c1b0d32a1c33d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da5709cc3f5a03dc663cfb76800465a83284624e201a205a30edbf8d3f5a4157
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de10df60b55a6e5e7e3cfb603500eef739e2c517b9234fccf340334f568e5a38
df4668564d19864070038f32a8dd0823fe46c919e651cfe913c364907c79fd51
e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e97471c9146d06632c7730c7d1dd558d35fce90e312e2cc88f724cb2fbacddf9
e9a1d5c85453407dffeddfa852d86f8db4e36d246541dd4ef152f63d0dfe2a59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f91deff330a245fc52a9e7be9e08e57958e0cd097f5d293f06e02d5177f6c4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68459d679310d8dea155e2c6c2e27be5fff75050494105c69cfea7b2c73dabf
f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee
fbc6e0d3c0d0c4932358e42196a9dadf310a245188a2add5a317a7fcf7946b95
fc975dee2288ad71c4131cbbd9e8e61d9123727e03ec56dfe5e3d78d60596d51

smiles.iclou.com.br Open in urlscan Pro 5.161.90.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

211 Requests

82 %HTTPS

66 %IPv6

31 Domains

45 Subdomains

32 IPs

3 Countries

2325 kBTransfer

6135 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

82 %
HTTPS

66 %
IPv6

31
Domains

45
Subdomains

32
IPs

3
Countries

2325 kB
Transfer

6135 kB
Size

4
Cookies

211 HTTP transactions
13 data transactions