smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smilies.com.br/
Effective URL:
http://smiles.iclou.com.br/
Submission: On March 02 via api (March 2nd 2023, 8:44:07 pm UTC) from US — Scanned from DE

Summary HTTP 175 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 24 domains to perform 175 HTTP transactions. The main IP is 5.161.90.154, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is smiles.iclou.com.br.

This is the only time smiles.iclou.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	5.161.90.154 5.161.90.154	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	13.58.124.244 13.58.124.244	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:5f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
2 35	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4007:814::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.102.157 142.250.102.157	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:15::6	() ()
3 5	142.251.39.66 142.251.39.66	() ()
2 4	185.80.39.216 185.80.39.216	() ()
2 3	185.83.142.19 185.83.142.19	() ()
175	26

6 5.161.90.154 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.154.90.161.5.clients.your-server.de

smilies.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smiles.iclou.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.124.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-124-244.us-east-2.compute.amazonaws.com

contatonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:5f5f (United States)

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:808::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4007:814::2003 (Las Vegas, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.102.157 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:15::6 (None, )

ASN- ()

r1---sn-4g5lzner.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.39.66 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	545 KB
31	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 bid.g.doubleclick.net — Cisco Umbrella Rank: 703 cm.g.doubleclick.net	280 KB
25	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	247 KB
15	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 2640 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73 clients1.google.com — Cisco Umbrella Rank: 417	373 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 442	268 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	291 KB
5	iclou.com.br smiles.iclou.com.br	61 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8947	940 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1090 r1---sn-4g5lzner.c.2mdn.net s0.2mdn.net Failed r3---sn-4g5edndr.c.2mdn.net Failed	949 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	605 B
1	redirecionador.info redirecionador.info	1 KB
1	contatonline.com contatonline.com	367 B
1	smilies.com.br 1 redirects smilies.com.br	236 B
0	teads.tv Failed sync.teads.tv Failed
0	1rx.io Failed sync.1rx.io Failed
0	pubmatic.com Failed image6.pubmatic.com Failed
0	openx.net Failed rtb.openx.net Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	travelaudience.com Failed ads.travelaudience.com Failed
0	adsafeprotected.com Failed fw.adsafeprotected.com Failed
175	24

	Domain	Requested by
35	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com smiles.iclou.com.br
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net smiles.iclou.com.br
18	pagead2.googlesyndication.com	smiles.iclou.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com contatonline.com
9	www.gstatic.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
8	www.google.com	2 redirects cse.google.com smiles.iclou.com.br googleads.g.doubleclick.net
7	csi.gstatic.com	imasdk.googleapis.com
7	fonts.googleapis.com	smiles.iclou.com.br googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
5	smiles.iclou.com.br	smiles.iclou.com.br
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	cdn.jsdelivr.net	smiles.iclou.com.br
2	r1---sn-4g5lzner.c.2mdn.net	smiles.iclou.com.br
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	cse.google.com	smiles.iclou.com.br www.google.com
1	gcdn.2mdn.net	1 redirects
1	clients1.google.com	smiles.iclou.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	redirecionador.info	smiles.iclou.com.br
1	contatonline.com
1	smilies.com.br	1 redirects
0	sync.teads.tv Failed	googleads.g.doubleclick.net
0	sync.1rx.io Failed	googleads.g.doubleclick.net
0	image6.pubmatic.com Failed	googleads.g.doubleclick.net
0	rtb.openx.net Failed	googleads.g.doubleclick.net
0	pr-bh.ybp.yahoo.com Failed	googleads.g.doubleclick.net
0	x.bidswitch.net Failed	googleads.g.doubleclick.net
0	ads.travelaudience.com Failed	googleads.g.doubleclick.net
0	r3---sn-4g5edndr.c.2mdn.net Failed	googleads.g.doubleclick.net
0	s0.2mdn.net Failed	contatonline.com
0	fw.adsafeprotected.com Failed	contatonline.com
175	36

This site contains links to these domains. Also see Links.

Domain
smiles

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-21` - `2023-05-02`	2 months	crt.sh

This page contains 24 frames:

Primary Page: http://smiles.iclou.com.br/
Frame ID: C254051ABB2703A342F4D251BF086F5F
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: DFE0112BA7CF044E0469C9659DDF8916
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1677789843&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1677789842976&bpp=3&bdt=328&idt=314&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5243333977490&frm=20&pv=2&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=354
Frame ID: 538898A0DA6301DF9982A309FFAFA6C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843149&bpp=3&bdt=501&idt=189&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OOCNJW5N34&p=http%3A//smiles.iclou.com.br&dtd=202
Frame ID: C8B27E21842E1D5AD372022AF25C984E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677789843&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789843152&bpp=1&bdt=504&idt=204&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=uoRojiQALu&p=http%3A//smiles.iclou.com.br&dtd=207
Frame ID: E9E691DF8399FB979A7E92A38DBB2389
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843850&bpp=2&bdt=1202&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jz26vLw3P&p=http%3A//smiles.iclou.com.br&dtd=7
Frame ID: 0CB9D6699703D28AFA5E318950D77F2A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7
Frame ID: E6AF2196BF0DD27399518CD335DDD348
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=0&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=FJdszyvFV1&p=http%3A//smiles.iclou.com.br&dtd=12
Frame ID: 7420410775119BDBDE8822D00AFED7F7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B13F46C61C5897FB3C57D68FC6A43CCB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E383F60EE9D436C065D41F4351B64B2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: B5491F51B038709C5E63D2738B693FCD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 01BF50C9CDE1215D312431ED037F6348
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 76CDED87C249EAF220624A261012E7AA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13
Frame ID: 17AF5C977CE0BB7294CEA33FED3F691D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUvzdRS0iV5Lqff_8zkL3Pd6To_9toY0wEkTL3RJI0Jn0OgdxI8uYBNekpKFH7PzWVYi4E5YnS_bGcqVvYyPOkcIvU12CngtXJ9QKy3A3Q2BI_cSxyT9vJv-_cOdQNvr2097xCxHy7jcQ3bUi1sENObNZ-uQrcO2z4XSji6NODRSXWaZms
Frame ID: 610C54E9C7831F073B41BCBB89F4EF13
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 45F6E462781DACE344F6DDDCD59C40B4
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C31B56391D8C765F1900A5B64A992D7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 8C9BD83FD4ABEC0F0B972229FFF3BB1A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 0E95734A9E9238923C631032283642AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 3F579706B45407DCA8C84B8A59B38F75
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 7FD09E03D99F2BCC57FA26FBF2D3B133
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0201D37E01AF46C6F0813F4E4399B3A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3628D313D9549C36B1E4C879CC399875
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8130FC115F4041A3FE25AB545D9A56FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMILESpesquisar

Page URL History Show full URLs

http://smilies.com.br/ HTTP 302
http://contatonline.com/?Axr8vI9 Page URL
http://smiles.iclou.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

175
Requests

78 %
HTTPS

77 %
IPv6

24
Domains

36
Subdomains

26
IPs

3
Countries

2121 kB
Transfer

6617 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://smiles/
Title: Início

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smilies.com.br/ HTTP 302
http://contatonline.com/?Axr8vI9 Page URL
http://smiles.iclou.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://smilies.com.br/ HTTP 302
http://contatonline.com/?Axr8vI9

Request Chain 45

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 72

https://gcdn.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7B8483686F08FDEDDF432ED54D6F2063DC363BD7.71243E0F9D94CE2610D1FF309EE5B10823FE17BF/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7889D16ECADCB01CD2504464B087607D90BD2572.8493DC6D5E34F6F46C9C42BC60B1B95858109FF2/key/cms1/cms_redirect/yes/mh/s7/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lzner/ms/onc/mt/1677788370/mv/u/mvi/1/pl/36/file/file.mp4

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAEKlfrrBnBhTahgMqxwOAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAc6CbANULqb8Jd-PdrvmHY&google_cver=1

Request Chain 131

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NjAyNjg3NTczMzYzNzE0NA%3D%3D

Request Chain 133

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 163

https://gcdn.2mdn.net/videoplayback/id/1e2a706195bf2ad0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571481/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5F38002833FD2C1B05DD9AB20B0902C98B9FCED2.B22CE1DCB9774A5132662885553E2059278CC595/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5edndr.c.2mdn.net/videoplayback/id/1e2a706195bf2ad0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571481/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/19360CF7571F42B8A08BD03C65411011B8D0B05F.79459C2DADAFF5026C55BBE6C9E3CECA06EC50E4/key/cms1/cms_redirect/yes/mh/lT/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5edndr/ms/onc/mt/1677788370/mv/u/mvi/3/pl/36/file/file.mp4

175 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
contatonline.com/
Redirect Chain

http://smilies.com.br/
http://contatonline.com/?Axr8vI9

110 B
367 B

318ms
140ms

Document
text/html

13.58.124.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contatonline.com/?Axr8vI9
Protocol: HTTP/1.1
Server: 13.58.124.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-124-244.us-east-2.compute.amazonaws.com
Software: nginx / PHP/5.6.38
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Mar 2023 20:44:01 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.38

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Mar 2023 20:44:01 GMT
Location: http://contatonline.com/?Axr8vI9
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK Primary Request / Show response
smiles.iclou.com.br/ 24 KB
7 KB 889ms
123ms Document
text/html 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx / PHP/7.4.29
Resource Hash: eec7b890011983dd43c49ab04036ea034b573a81a8db80c665b81f0619a8a676

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Mar 2023 20:44:02 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
50 KB 154ms
102ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3a4cc5d7690d7e469a3e97e352f6d87e73dc877e33f024304247a6dc88f23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50739
X-XSS-Protection: 0
Server: cafe
ETag: 940012864018600255
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 02 Mar 2023 20:44:02 GMT

GET
H/1.1 200
OK estilo-laranja.css
smiles.iclou.com.br/css/ 202 KB
27 KB 127ms
127ms Stylesheet
text/css 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/css/estilo-laranja.css
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:28 GMT
Server: nginx
ETag: W/"6018b728-327ff"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:44:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:02 GMT

GET
H/1.1 200
OK topo.jpg
smiles.iclou.com.br/images/ 24 KB
24 KB 246ms
123ms Image
image/jpeg 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://smiles.iclou.com.br/images/topo.jpg
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:02 GMT
Last-Modified: Tue, 02 Feb 2021 02:21:31 GMT
Server: nginx
ETag: "6018b72b-5fdd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24541
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK requestData.js Show response
redirecionador.info/relacionados/aereo/ 1 KB
1 KB 342ms
283ms Script
application/javascript 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/requestData.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:02 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 11 Feb 2021 20:28:44 GMT
Server: cloudflare
ETag: W/"6025937c-43c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6aW%2Bi37g6OfMFznFU7560R%2FxTEmVvIccY8osFJQ5ZyYZK%2FaiQdEHC4o8aEn9Oh9MO98XuvL3%2BvMTclDztgv%2F4WyQrhUi0zATh9Lb2lHuiUEL2oNEk7khKMRiDhAdtYCZEqRiP3BQQHkhlDPUiRjQkJ9"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
CF-RAY: 7a1c79b529523681-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 137ms
51ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 735018
x-jsd-version: 3.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230090-FRA, cache-yyz4572-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3aBMeL3Kd6S8kY0EBIN7PdqFLBx1%2BAYChCESQjiOsZNvNsdQB%2F76hCA2treEoEfrZCHybEdyVQITl4AxV%2FlqSp1pZyjGstwaSlT3p0kHCMdmR8HV7GsaDaDyBAMh%2BEuk0uhlEQAPIgVd8ys3Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a1c79b54f13915c-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 175ms
89ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 735025
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrxVJFbICfpirTJ4FwEeQpW0R6gw2nceOFUDfqpDqsVGYt2r6Ta6R7la2FOIKr%2FpmBv9bY2Zqc7yPy2h0mOHsoi0%2FMj4LO1YiX5XELanOdMJxzvt0tOiexvZ2PUcfP5XmwKb%2F0xgwEBYqsm60J8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a1c79b54f16915c-FRA

GET
H2 200 jquery.flexslider.min.js Show response
cdn.jsdelivr.net/npm/flexslider@2.7.1/ 23 KB
8 KB 135ms
49ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 342865
x-jsd-version: 2.7.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA, cache-yyz4583-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMMCO%2F%2BdkdWgLIb8%2Bkpi8%2FrIY94v5U7NdrjYKEKAvy6box00GMgux04bhocuKOHiISDgf2woF35U1AT%2FanDNNFdH27dA5CTRE52Q4nMLO8JEN5lAyrk8fMN1KpZF4XXOimYTO0tM%2BfaAracp23k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a1c79b55f17915c-FRA

GET
H/1.1 200
OK scripts.min.js Show response
smiles.iclou.com.br/js/ 2 KB
1 KB 124ms
123ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/scripts.min.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:33 GMT
Server: nginx
ETag: W/"6018b72d-919"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
smiles.iclou.com.br/js/ 10 KB
2 KB 244ms
122ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/ads.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:32 GMT
Server: nginx
ETag: W/"6018b72c-27a5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 136ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 14:21:04 GMT
x-content-type-options: nosniff
age: 109379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 14:21:04 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 171ms
76ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:42:14 GMT
x-content-type-options: nosniff
age: 28909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:42:14 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 190ms
96ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:18:51 GMT
x-content-type-options: nosniff
age: 19512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:18:51 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 360 KB
119 KB 194ms
103ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f63ffc99b8c409016c6e10dbe5e130653b2bb64442d29e6ee18e5b3ef5d6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121313
x-xss-protection: 0
server: cafe
etag: 7702505195208193403
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 20:44:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame DFE0 10 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 19:20:12 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 19:20:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse.js Show response
cse.google.com/ 5 KB
3 KB 179ms
69ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e16091f3287ea770b873f2a8946c64570c3e51229710cb5c56cf2efed0717789

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2209
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Thu, 02 Mar 2023 20:44:03 GMT

GET
H2 200 cse_element__pt_pt.js Show response
www.google.com/cse/static/element/c23214b953e32f29/ 305 KB
305 KB 192ms
62ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__pt_pt.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68459d679310d8dea155e2c6c2e27be5fff75050494105c69cfea7b2c73dabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:53:18 GMT
x-content-type-options: nosniff
age: 154245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312031
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 29 Feb 2024 01:53:18 GMT

GET
H2 200 default+pt_PT.css
www.google.com/cse/static/element/c23214b953e32f29/ 41 KB
9 KB 183ms
53ms Stylesheet
text/css 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/default+pt_PT.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 28 Feb 2024 20:56:01 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 190ms
61ms Stylesheet
text/css 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 02 Mar 2023 21:27:15 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 152ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=smiles.iclou.com.br&callback=_gfp_s_&client=ca-pub-8847092362748368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a8cdb437b98ef34109aed4292ed66a432a9cd426b0fe2d6747fc6c46f0f21f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 170ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 154ms
50ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5388 370 KB
66 KB 1390ms
1389ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1677789843&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1677789842976&bpp=3&bdt=328&idt=314&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5243333977490&frm=20&pv=2&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a7dc5e797cb9512d4641995cf30c5e2f4d8b999757f8cb78270c3490390f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67163
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:04 GMT
expires: Thu, 02 Mar 2023 20:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8B2 107 KB
33 KB 1171ms
1170ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843149&bpp=3&bdt=501&idt=189&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OOCNJW5N34&p=http%3A//smiles.iclou.com.br&dtd=202

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abad3ad1dd4095f61287e926f58bfbf4d041e8633891304599d8bee01d02f060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:04 GMT
expires: Thu, 02 Mar 2023 20:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9E6 96 KB
34 KB 1309ms
1309ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677789843&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789843152&bpp=1&bdt=504&idt=204&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=uoRojiQALu&p=http%3A//smiles.iclou.com.br&dtd=207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8275a1832029640448076101960837d5de803b1db3116f50612e3282c80650ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34752
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:04 GMT
expires: Thu, 02 Mar 2023 20:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 324ms
254ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__pt_pt.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a9e5151eb6e27c499d5288b1620fd017196a800d43f7d80e19a7e65b5b59668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "13795198111225563038"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Thu, 02 Mar 2023 20:44:03 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/pt_PT/ 1 KB
2 KB 62ms
61ms Image
image/png 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/pt_PT/branding.png

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:36:43 GMT
x-content-type-options: nosniff
age: 126440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 29 Feb 2024 09:36:43 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 345ms
256ms Image
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:03 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 108ms
107ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 107ms
106ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CB9 75 KB
23 KB 335ms
334ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843850&bpp=2&bdt=1202&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jz26vLw3P&p=http%3A//smiles.iclou.com.br&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a96675f4f19667b1f329c36f2c16cf3b62760f7b484946bac5aaff1d9ddcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:04 GMT
expires: Thu, 02 Mar 2023 20:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 0CB9 22 KB
9 KB 145ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843850&bpp=2&bdt=1202&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jz26vLw3P&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0CB9 8 KB
812 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 19:26:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 0CB9 14 KB
3 KB 197ms
54ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:53:31 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 0CB9 376 KB
128 KB 200ms
57ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 23:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 23:00:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 0CB9 20 KB
8 KB 148ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C8B2 4 KB
621 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:19:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6AF 20 KB
9 KB 467ms
467ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

605be1b13501b7a1c80398c5e8849e90d770b49af06fc4599afcdfabd025f91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8782
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
expires: Thu, 02 Mar 2023 20:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7420 103 KB
0 1582ms
1581ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=0&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=FJdszyvFV1&p=http%3A//smiles.iclou.com.br&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:06 GMT
expires: Thu, 02 Mar 2023 20:44:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C8B2 2 KB
818 B 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8B2 0
0 124ms
124ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcCYekwoBZL_EF8jTxwKhxLaAAteawKBun8yvrL8O6p_coNQBEAEgkLCHE2CVgoCAtAegAbC6odcDyAEJqQJ5WjZe8MCxPqgDAcgDywSqBOMBT9D_GPNQJXJONiS9zB1MlCOgE4_SRrTUbeitQCg950maCO8229IgEovNiIosNnbTuuWXoe4vkfNJ9_7hyX6M3R-b-cGEmMo4Q1S5o3zKK1rE1t3WdozPgDP8iTeAUl9x6ri7d3Jt2yz_M5N2YoqvPM8FCWtSTGlYczrNkPBl0RZ7YhBSd8D2jCSRhO5ge-q_gJPo6nknPvD6eFpBojPL9fuGMKI7Q22Y_s9Y-Z5LICLMRKtxSmWLgPDPV12A7kpx1x4AEECFtFjW48ha6I0oFXPVUar-LCuhTdpGT5iah6wUvdvABKmcqargA5IFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcFEO-piwHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=mXzTwpJTaWQ&uach_m=[UACH]&cid=CAQSGwDUE5ymFU_jW51N33tWm3Gp8DAaqtCQLuSm1RgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843149&bpp=3&bdt=501&idt=189&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OOCNJW5N34&p=http%3A//smiles.iclou.com.br&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
DATA 200
OK truncated
/ Frame C8B2 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame C8B2
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

78ms
40ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:05:25 GMT
x-content-type-options: nosniff
age: 5919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 19:05:25 GMT

Redirect headers

date: Thu, 02 Mar 2023 04:37:50 GMT
x-content-type-options: nosniff
server: cafe
age: 57974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:37:50 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0CB9 0
54 B 659ms
201ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lerkr5g3&c=7849246859469&slotId=3924623429734.5&qqid=CIuGoJ2Ovv0CFXPl5godlSALFg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44746068%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0CB9 15 KB
16 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 558373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 09:37:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0CB9 15 KB
15 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 328498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 01:29:06 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB9 0
121 B 78ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C01gPkwoBZMvwOfPKmweVwaywAeLXw9huoImvtu8Qn4W90NUkEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMByAObBKoElQJP0Hr1ZEY34IwiUvCOJ3nYzMjsc7f2ecOhOb4j1pRFRFn8xkRtctsnhF46ltSrZVp9wU52WFUH710mPvd--La0_2tk3Lxcxdx64zzWU47cxhHpl2zdDWesvjf6V2QZBJ03qKSVuKe4CyyXVIPBG9DjKW5iK_2BCW3ApNisAWUJbsq_36UrZux2Z3sH9K7XEw47XkSchBbwLJfFmJsMmFXAqWAzp5WZpphgga3lg64CDo4bjq-0DTQJvMbYCriZI2r5GfU76DCZ3M80RcLkEZpdPqtUKwiMsT4HQWYWptTuj6yJTv9GVHwQAOxnlB1cWjdJw3CY7ia3jZCy7Zwm8ZvgVaWkMA9haJZf5kYBIo-nDLsQsG1LwATpj_LtoATgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOU0bES2BMNiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1677789844620&ai=C01gPkwoBZMvwOfPKmweVwaywAeLXw9huoImvtu8Qn4W90NUkEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMByAObBKoElQJP0Hr1ZEY34IwiUvCOJ3nYzMjsc7f2ecOhOb4j1pRFRFn8xkRtctsnhF46ltSrZVp9wU52WFUH710mPvd--La0_2tk3Lxcxdx64zzWU47cxhHpl2zdDWesvjf6V2QZBJ03qKSVuKe4CyyXVIPBG9DjKW5iK_2BCW3ApNisAWUJbsq_36UrZux2Z3sH9K7XEw47XkSchBbwLJfFmJsMmFXAqWAzp5WZpphgga3lg64CDo4bjq-0DTQJvMbYCriZI2r5GfU76DCZ3M80RcLkEZpdPqtUKwiMsT4HQWYWptTuj6yJTv9GVHwQAOxnlB1cWjdJw3CY7ia3jZCy7Zwm8ZvgVaWkMA9haJZf5kYBIo-nDLsQsG1LwATpj_LtoATgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOU0bES2BMNiBQB2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0CB9 0
234 B 640ms
197ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lerkr5hq&c=7849246859469&slotId=3924623429734.5&qqid=CIuGoJ2Ovv0CFXPl5godlSALFg&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0CB9 29 KB
17 KB 200ms
71ms XHR
text/xml 142.250.102.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BmG6iBFcSf_6VjXXOqG7EI7gvygdeZtRy2wl7EEw3w5uzsjfQ8R_vIv4kjZRYlA0a9kl7SJWTilB2Kq-m-d60o3oEhnA&cry=1&dbm_d=AKAmf-BsQJZYCofURQFQIEAZaVp-DldA3k3jR1wc-Vtg-pOrf1CtWnLN7BfKdxRrZRkXXBshEUTNbFxynWLATkvqwxmzOY2eoBgXkJoM0guDfzzLfDugyLiEl0F6Tou_Z3TSks1o41G79HusdRb9isFoq2W8TjIqAVtAjeDUwsYckj31MlNINJt1FW0U05XXJ7OoEWVY9PnwLh0e2nmFYPtP6hp9n_LLtTrqpi7Ugb_5nK_dr_SICWRbWL5JlBF4_O2RfvzCHG6YPCou71Et8EtKGJSvvaLNOVcbWQ-PUjYrBy36cLGK0W-uTX7ez6Ip49Tarv0DXNg7sS4qrWL0n3QGySaXTYt6H-_eFn-cwRlN-428fOul-30ooXclHjqokfsMB4wyfAbanif2vlKXxvHxGwZxIlCS0gScsePbjBPGk8SqBFHuayqcUy55ct5oIuPDYQY_qu3JOI81JVrKHeL5XjCL2Z1e6tpYDrd_FZ9VZ4-LshmzQRLOD-oRd7HKSWuC6XD9H0e2EwXp1eWx77yRuGbpApFXNqvoHaAzdBGNcc3IxjeK_n62RapLFgSMCToEw40i-U60LGnVgy7Y0_wmcw2oQcJAOeEdtOFprwbAMkBoDDS4mebd3Hf3qRL0JYI0ufUa0wDsqfW2yqwcInZJ-xz8iJrpGbZUuRt9nWpm_qBFNYQDRsUKLPCrHdb621uv3cBgD76Lv3Gi-2mem0-BZ8wuYJ-F_lHqT1i8WiN6ow32QO2LCPp3SRjT70QJyClbaZ6VFJQiqYAWX38feZuqnK_iYpsyWAkDtU_tWKd2TzWO8MbZL-6juksqGCOkOaK-r6QsWw_3IbAtlBUOO75P4hYesT61YXl17Awk8AXVE59FfbI9tW6sC9j2uAY1TxCZtPoeG-gbpVsjX3PWIlKhQsUFaNzRecPHW5LDdarDTEFaHiDWiEIJbTQ9beDJoxVd3xsvpN-xt3H2_ZZBHGgOEFtUMOjHbi5FsrNh04sbbWdZWeTX2Q7l0OCZEgpj69IDlRxr_tDhy52AQK-Q6RZz_9yHGFOY9tb0vdBg_QDKDFT17eJAP1wE7M-TK2MM0r1xQbYES5BHVrdAV39jVD3hS6_PQb3__Cb7JXSJUCccFDnYR21m_jtjB7PIB241FA7f71ahJ_3KhXZihhTki_7g4knJw_w41KuLKVyQSFN41gArxWEnhsWHS_1iH2dQvPb7dwANY5ONpSxL901ifM8UHxOvHlx00SOMAZXuohlIqSnzgPdh01a1AAmGIJJdkanfupMuTfvIgPQ7s_PzuAcgHC6cOmRfR0oIshO60pwzq7ZL2uzJHvSok3GmJteBri1hVyOPnhCRukB6SDeEMITvM43raKOUuxcei4Ctu1cyHgTas4_OfE9lo0IMI2vUYzsBWtM5b7gBsT088zS1QwEV-_RFtcoIKDVsvG3qUwucVsoZBYqCoXV0U-mZhA21m7Bor0KUmui0uGcbyWRrhmDEMBiLurR7PKXs8AX-sG1z97j79WNZIEr0LuYWyR9w8AHwejUCWYLrbPnVztUT3uNYZtwKP0_2MIbHSFycWYR5zqMaoxMAg9WT9_nXfmfn2OrsOs-zeVwJzOELUBsbweZLUDg5v-H0oU9KFnrpMO8aqAl0sazl7PeypgGXC_198i47l6NXGRVS5TYS8QA6sx_ke1dk6rwuz3kr89cUm6XTiX1QrtPoHA4UUEt6t9gweeVvqEbInJantUz6pydwp_c6UKr5_raqd-2dNqfy1sk6UncO801-0bA6kj0zam--Kf2PthB14UJnSSS-vA7UbfwTrfepXhtrIsNEs_cqPP2U6USgulIDOwnaOpHqNsfH-VdY4OvJ5qv8txDoCr_CFj2DmGnIBM5Q_Ld_bGZgQRCvYABYeCTpetYeSIRYKKPjSG5of3R_bWzKSGPjkL17MhMjjFv8fwQ1X8A4RzUIu_WwodJAZ4jldjQ-BCRFs9cloQ1pUgB_VXHEJKusOKbh3lOPNvJyNegOqD16bFYD4l9oVhyWM45AZfwKdEBQV7LMWn3fIY-TlQ8F9i_vPUt-v6wD7NJSVX_Lkrz8MHVpsDDh0y8VU_jqFKE12_9eYQVI_Tyx675txkeEj6tZEwhs4oxFcK3g-rtAjG033oI9GVhD9J4rrugve17uZfF12cPW_tZPsGlBhomIMIspoGUOz8tPzVOvTLcrPK_nyo5xqiIbHJwtA6UOuCa--PkY1E2xJy3kRw1FEqdeOLZxAbOMVjz1gVxDnmWtuuWUa-incZ_fAAN_NGBqGWNKQPHD-ExeTdQsxdUWf8P0RwX4vYcfzSoZvMnhlGUVdRycDemKqFcq_DNDSuXHGyI6trTwy5th7psTSOHreOm33MtZQJJSzuOQ4RONa4zBSlcSW5W69EmNeiIqksuGTqv3rmoMY3y04ldkoFO23aU0_daLBbPyLINQ4kq_jSDu-NW5Tf31FedXKoaxqfl1xZA8CAz79REzrx7A3-a37B70vhhYNpNIVDNbPsYlXtFbrNBFJErBnydXMYN0rH9k_ada-HLU7SUM7MIewYDiCV5hEfsr_YOJW2j_gCyE8gKC-lgMcYHQDBnCnLGZnY4n0SurPtVC69KbtouVhlSzezjiMtVKm75AsdazR5XDVn9SMOhUmeymP4IRsmOqrmOfkYlGBcrTUwl_4oV2sv1RccjK1s9GgBWH5nyHHRrRC5G2wvquw2mCJ2-8LRkuXEOrifoT7cvtnXhucUdKmI5R7bWPw8k8e-PIlJkSwQ7mblshRHnEwosS2aCdcxy-MwK8WxS7cwG-_eWNP-mqCOhd7vo0l3Qk9pmHFASogQ6MyjiZSVEGYmWTtv16YeKjy4jyv0HcSNeL6-9XrXLK-VyQRB14UfLg_5I4bx5i_uQJDPfZH3veSop96dNtUEH98CIbeoZlhOUiEDHSA22Xk-84Rn53PiVnh0F2nuBPPXNFGwI2q6ShD5VxZhGC3Sdm9VfIPSeGbQH3XLebzib_9fts_9IFeU8ua_4lWtDd_fBArfsGcD8sFlrnnBz_v2n8ms7k-s9EbSnzVCWIcaGK7E4VfnfnoholbfkKONcQiF1JI2Q4Ll03ILUZHzje78VPVJfEHQKMPtD0j-8hqchWGR5cuXRn339htYpzOp1-0gz3EzRSM0A9u1Li_GfDUVXKLnlrOr_JJ4mzpHHzWDcvgFKWt0OqHhjW8aTsNXwMDreNOXpzlQg0Lx35IZ_IVTWTW5M8wJMatFGBkfHtUp2nVzABexSMP3hXYtbfoPMjNZgqJ-2x-90ELt5CU5M26xbBbYLEUEaRYsqCIw5ck3Y9Hwuv9e3x1Z1PeD6Oa5U8IjvgQOYGrT9SjLCxz6hS3Y37cPuckwyjKFBkq7W_eMLAm8vKobE3&cid=CAQSTADUE5ymwQzFkZs3zyUAdLMcbtn-HcRtrxMWis1WYfoWKVWI5n_wmtGWXuM-WuQZGjnuGnfkJfsy_BPSs5Jv29paPDYoplG-7-DBErsYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f157.1e100.net

Software

cafe /

Resource Hash

ce5202067cf740a4ac3ef8aacdc0289a3bc524b7c12e060b1bec753caf095b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16273
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0CB9 0
0 84ms
82ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6h1_kwoBZMvwOfPKmweVwaywAeLXw9huoImvtu8Qn4W90NUkEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMBqgSSAk_QevVkRjfgjCJS8I4nedjMyOxzt_Z5w6E5viPWlEVEWfzGRG1y2yeEXjqW1KtlWn3BTnZYVQfvXSY-9374trT_a2TcvFzF3HrjPNZTjtzGEemXbN0NZ6y-N_pXZBkEnTeopJW4p7gLLJdUg8Eb0OMpbmIr_YEJbcCk2KwBZQluyr_fpStm7HZnewf0rtcTDjteRJyEFvAsl8WYmwyYVcCpYDOnlZmmmGCBreWDrgIOjhuOr7QNNAm8xtgKuJkjavkZ9TvoMJnczzRFwuQRml0-81WZYoSb3jXTuP4BvCwojRer4OOxePKHxIU7P39Qs0DqaBYtuZ9vNRTHsj5kGB1KAGO6JU1wSoJZLsNwJM4lOCHABOmP8u2gBOAEA4gFx7OHsUiSBQYIAxABGAGSBQYIGxADGAGSBQoIIhACGAFImKx8kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEK6-BhiN0fzeAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBOU0bESyBO5qeHhA9gTDYgUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=b1z50eIFEIE&uach_m=[UACH]&cid=CAQSTADUE5ymwQzFkZs3zyUAdLMcbtn-HcRtrxMWis1WYfoWKVWI5n_wmtGWXuM-WuQZGjnuGnfkJfsy_BPSs5Jv29paPDYoplG-7-DBErsYAQ&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789843&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789843850&bpp=2&bdt=1202&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jz26vLw3P&p=http%3A//smiles.iclou.com.br&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame C8B2 22 KB
9 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C8B2 3 KB
1 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C8B2 20 KB
8 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8B2 158 KB
48 KB 374ms
201ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame C8B2 34 KB
14 KB 198ms
54ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 18:42:40 GMT

GET
DATA 200
OK truncated
/ Frame 0CB9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0999f19a3b93b8c5c104db9849603936a3cfb3f1431c0e03d74d8cc36d13066c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame E9E6 10 KB
5 KB 112ms
52ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677789843&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789843152&bpp=1&bdt=504&idt=204&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=uoRojiQALu&p=http%3A//smiles.iclou.com.br&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 13:00:41 GMT

GET
H2 200 99dc865e115b275ae9421eebd8589b76.js Show response
www.gstatic.com/mysidia/ Frame E9E6 10 KB
5 KB 162ms
103ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/99dc865e115b275ae9421eebd8589b76.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b7ed369c9ae686938e7c88b6252eafd6650c76c61e0f749c95d4c8687b35cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4662
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 07:15:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E9E6 8 KB
895 B 57ms
51ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 19:21:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E9E6 2 KB
765 B 49ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame E9E6 22 KB
9 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E9E6 3 KB
1 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E9E6 20 KB
8 KB 53ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9E6 158 KB
49 KB 204ms
120ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame E9E6 34 KB
14 KB 60ms
58ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 18:42:40 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 150 KB
51 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb2acc252c27c705c45d6416529ca9d288d8a108eca93d2a548b8526287818bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52089
x-xss-protection: 0
server: cafe
etag: 7979383033217568821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 20:44:04 GMT

GET
DATA 200
OK truncated
/ Frame C8B2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c96ab2389b9943d515afe71cbea944b3e1817b128a49cfa1847338968ab23e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0CB9 0
54 B 422ms
200ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lerkr5i6&c=7849246859469&slotId=3924623429734.5&qqid=CIuGoJ2Ovv0CFXPl5godlSALFg&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0CB9 41 KB
15 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 04:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 04:18:25 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0CB9
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

242ms
41ms

Fetch
video/mp4

2a00:1450:4001:15::6

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7889D16ECADCB01CD2504464B087607D90BD2572.8493DC6D5E34F6F46C9C42BC60B1B95858109FF2/key/cms1/cms_redirect/yes/mh/s7/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lzner/ms/onc/mt/1677788370/mv/u/mvi/1/pl/36/file/file.mp4

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:15::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:44:05 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4489784
Last-Modified: Thu, 19 Jan 2023 10:29:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 02 Mar 2023 20:44:05 GMT

Redirect headers

date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7889D16ECADCB01CD2504464B087607D90BD2572.8493DC6D5E34F6F46C9C42BC60B1B95858109FF2/key/cms1/cms_redirect/yes/mh/s7/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lzner/ms/onc/mt/1677788370/mv/u/mvi/1/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B13F 23 KB
9 KB 47ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 11:21:55 GMT
expires: Fri, 01 Mar 2024 11:21:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E9E6 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkXoBkwoBZJjHGI271gaf7a1ApJLbom-F8KWCiRHyvIKBwAUQASCQsIcTYJWCgIC0B6ABlZLhxAPIAQGpAgE20gBfybE-qAMByAPLBKoE5AFP0LHD_2doGDcVyrNVaBRwl5b7OMbliunPyZW14ZavQ7812SNKrp8IwTlTNS6H5i6b_274ocQtL5cneO5cC4I8MCFhJCHC8gM3b0lRU4MnDI266sZHz_mwdRsGGaXfW8waetcNKpnxfSoftmFDmwQ1-x1pcHGbqBCMiRAQWHMueSIfaLo1qAOdNF6fbjx3vjM9f_pzKnttDLpg1qTAQt_Q1SimV3J38vd66DUQGYAVXSDU7quMz6eqDSQtsd9rZZuv_IcmjtXVeeFyHCzCJiQR64ZnkcgNbkrnPVIv719h70h6C0nABOrX1vXFA5IFBAgEGAGSBQQIBRgEgAfT7Z47qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQysxq0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=md3NoeHEKjQ&uach_m=[UACH]&cid=CAQSGwDUE5ymFr1yyNG4B86BNQcy-5kKvnXQQCHf6hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677789843&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789843152&bpp=1&bdt=504&idt=204&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=uoRojiQALu&p=http%3A//smiles.iclou.com.br&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E383 143 B
166 B 43ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1677789843&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789843152&bpp=1&bdt=504&idt=204&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=uoRojiQALu&p=http%3A//smiles.iclou.com.br&dtd=207
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 19:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E9E6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aee19b0b7300c0fb39ae40d584d1f44ac815826a9ddaeca9f50c599baf8366c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 56ms
55ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame B549 10 KB
4 KB 43ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 01BF 10 KB
4 KB 52ms
51ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 76CD 10 KB
4 KB 77ms
67ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame B13F 36 KB
14 KB 86ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:32:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E383
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
60ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
expires: Thu, 02 Mar 2023 20:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame B549 10 KB
4 KB 65ms
57ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 13:00:41 GMT

GET
H3 200 a7d0470ddcd0fa42353fa3e1ef0d9bb3.js Show response
www.gstatic.com/mysidia/ Frame B549 11 KB
5 KB 63ms
55ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a7d0470ddcd0fa42353fa3e1ef0d9bb3.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe210f25ffa8cb8180963416babbda9ef2f1f09110e99405e70a6a3d4ed2cff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4818
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 13:00:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B549 8 KB
895 B 89ms
84ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:06:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B549 2 KB
765 B 52ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame B549 22 KB
9 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B549 3 KB
1 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B549 20 KB
8 KB 56ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B549 158 KB
49 KB 137ms
133ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame B549 34 KB
14 KB 62ms
59ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 18:42:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 01BF 4 KB
621 B 81ms
78ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:00:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 01BF 2 KB
765 B 70ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 01BF 22 KB
9 KB 74ms
71ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 01BF 3 KB
1 KB 76ms
73ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 01BF 20 KB
8 KB 75ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01BF 158 KB
48 KB 184ms
178ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 01BF 34 KB
14 KB 74ms
71ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 18:42:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17AF 77 KB
25 KB 237ms
235ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bce2557e101627ef4695d74ff1dcd7ddfbe992aede3578746e9ee10c0890ae2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 25509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 76CD 2 KB
765 B 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 76CD 22 KB
9 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 76CD 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 76CD 20 KB
8 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76CD 158 KB
48 KB 140ms
140ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 76CD 34 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 18:42:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 610C 624 B
242 B 84ms
79ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUvzdRS0iV5Lqff_8zkL3Pd6To_9toY0wEkTL3RJI0Jn0OgdxI8uYBNekpKFH7PzWVYi4E5YnS_bGcqVvYyPOkcIvU12CngtXJ9QKy3A3Q2BI_cSxyT9vJv-_cOdQNvr2097xCxHy7jcQ3bUi1sENObNZ-uQrcO2z4XSji6NODRSXWaZms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 45F6 78 KB
27 KB 129ms
125ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 45F6 3 KB
1 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 45F6 20 KB
8 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 45F6 0
0 76ms
73ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRumGIUDl5vIzfvrlTjyNoiYYE1CDRFJwp_FQAI2nRW7gi2m744GbpDtA-XP-J1FYhzgCPSHXii4ovyCkmykow5nVMFyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45F6 158 KB
48 KB 112ms
110ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 45F6 42 B
63 B 76ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cb9UT_CD3y7Ie4obF0njso_9Ya1Lx8cW4x3_hVjvnlKMi5jE2HW48jpy2ZK0bKYmSWa2tc260_fnHxoRdDt4Mpq_bBFFqC_2D80nete9uJsziVdh8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 45F6 0
20 B 78ms
75ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5264984038530071973&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C8B2 16 KB
16 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 55377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 05:21:08 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E9E6 28 KB
28 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:36:43 GMT
x-content-type-options: nosniff
age: 4042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 19:36:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 17AF 22 KB
9 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 17AF 8 KB
716 B 55ms
52ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:05:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 20:44:05 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 17AF 14 KB
3 KB 55ms
52ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:53:31 GMT

GET
H2 200 outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 17AF 376 KB
128 KB 57ms
54ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 23:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 23:00:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 17AF 20 KB
8 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:29:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 17AF 0
0 73ms
72ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdTMPsKIdqkECFIgZ_smXnWBJCunAsKS33-soxVIU60kX4e7WG0_ToKSWGMjO4EWEupDv3EGcoTsuizGNwpj_YR7Y8Ww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 4555314790599857429
tpc.googlesyndication.com/simgad/ Frame B549 3 KB
3 KB 52ms
50ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4555314790599857429?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3363af8f57042aa97c25136dfedfb50c82657ffd86d4a60e92494b6c7a6b2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:12:08 GMT
x-content-type-options: nosniff
age: 138717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 15:07:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 06:12:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B549 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEi5skwoBZKe9FoWqxwLb0KiwCcDmyfRu9J77iNoQoY-N-pMOEAEgkLCHE2CVgoCAtAegAbv7wtkDyAEBqQLRzaGzwMyxPqgDAaoE4wFP0CAvXC7bUMIWdkEq4d32DyLHf6kA9UI7tMHx79GsTJvUeSxka13-jrJie4nwXObRGPf8xLmlEAhHpuja9UteDzod-tE4yEzY6rq_wHBxyxPPlLytlVwFC6eFY0KoNOZR6p-qyxsII3L1J7k1Dx2ZGHPio2Q84R_5bzXR4Vu55Is3lk_H3wVr-b-xXdCHAOwvbRTy6gnt7VtywKlx2IebvPXcD1s_oygWBFdmC-YNt3WrZlvSYMZuyaZGlCitR_dJEF8Ru2BCpXqWS_Je7tj4DxMd7kaK7TQNvaNpXOKRPPTpusAE3ce_iPkDkgUECAQYAZIFBAgFGASAB6bduCOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCJ1XnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=_-PdGMF3wXQ&uach_m=[UACH]&cid=CAQSGwDUE5ymicDSUD4rQr3SeXWa34VpS9G2CeoZKhgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C31B 143 B
166 B 51ms
43ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 19:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B549 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60e1069667daba2511eb0b7dc17a29604029127998f853c7263d5da9eb4db597

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 206 file.mp4
r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/a3d1b5ecaa4a0ba0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818572274/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0CB9 1 MB
0 92ms
44ms Media
video/mp4 2a00:1450:4001:15::6

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:15::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 02 Mar 2023 20:44:05 GMT
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4489783/4489784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4489784
last-modified: Thu, 19 Jan 2023 10:29:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 610C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1

43 B
766 B

62ms
62ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUvzdRS0iV5Lqff_8zkL3Pd6To_9toY0wEkTL3RJI0Jn0OgdxI8uYBNekpKFH7PzWVYi4E5YnS_bGcqVvYyPOkcIvU12CngtXJ9QKy3A3Q2BI_cSxyT9vJv-_cOdQNvr2097xCxHy7jcQ3bUi1sENObNZ-uQrcO2z4XSji6NODRSXWaZms
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 20:44:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 610C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAEKlfrrBnBhTahgMqxwOAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1

43 B
766 B

59ms
45ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUvzdRS0iV5Lqff_8zkL3Pd6To_9toY0wEkTL3RJI0Jn0OgdxI8uYBNekpKFH7PzWVYi4E5YnS_bGcqVvYyPOkcIvU12CngtXJ9QKy3A3Q2BI_cSxyT9vJv-_cOdQNvr2097xCxHy7jcQ3bUi1sENObNZ-uQrcO2z4XSji6NODRSXWaZms
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 20:44:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAeitjBQHlgJ6llzX-7MU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 610C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAc6CbANULqb8Jd-PdrvmHY&google_cver=1

43 B
1 KB

120ms
46ms

Image
image/gif

185.83.142.19

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAc6CbANULqb8Jd-PdrvmHY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUvzdRS0iV5Lqff_8zkL3Pd6To_9toY0wEkTL3RJI0Jn0OgdxI8uYBNekpKFH7PzWVYi4E5YnS_bGcqVvYyPOkcIvU12CngtXJ9QKy3A3Q2BI_cSxyT9vJv-_cOdQNvr2097xCxHy7jcQ3bUi1sENObNZ-uQrcO2z4XSji6NODRSXWaZms

Protocol

HTTP/1.1

Server

185.83.142.19 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 20:44:05 GMT
AN-X-Request-Uuid: 790e2ee2-4bbb-49f3-a1e5-13386eab2d69
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAc6CbANULqb8Jd-PdrvmHY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 610C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NjAyNjg3NTczMzYzNzE0NA%3D%3D

170 B
243 B

76ms
75ms

Image
image/png

142.251.39.66

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NjAyNjg3NTczMzYzNzE0NA%3D%3D

Requested by

Protocol

Server

142.251.39.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 20:44:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 81e7e926-0aa5-40e2-b58d-8c46313e09e8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NjAyNjg3NTczMzYzNzE0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 01BF 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 01BF
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

48ms
47ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:05:25 GMT
x-content-type-options: nosniff
age: 5920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 19:05:25 GMT

Redirect headers

date: Thu, 02 Mar 2023 04:37:50 GMT
x-content-type-options: nosniff
server: cafe
age: 57975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:37:50 GMT

GET
DATA 200
OK truncated
/ Frame 01BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ce28c45d8017db8cc043a676a050a5079f5ced1bf29490307c8ad1ba4f133c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 01BF 0
18 B 111ms
110ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUrVSkwoBZKi9FoWqxwLb0KiwCe2SqqFuvYqb5JsP-fufl8ouEAEgkLCHE2CVgoCAtAegAbC6odcDyAEJqQLRzaGzwMyxPqgDAcgDywSqBOMBT9CxWuOb8F_Di3-GQv1VTf_PL62QjInfa0h5dGy14CDNrIQfUw8HIqPQyB6j3Gk7cW5x_fK3taejACrsU3UqYzWTJjSw595bDhXSRSYq7V-v9i83R3Rtizf7cgzN1-qZLjVuTzd-mRwdHulkfUOVjZX_UQcXuPP4GN888pyFzrKM0vXAFOVEwIIiLTgm69TOYxntDPQJ-OYgmoOLLDkL1X601OR25Cfu2B60B3Hp85A4TyFv_C_Sz5Ne8rWsn_79NqKYiUgFPLvokWttXxdJnELQLfgGKhF0Hjxa7EezNSmRcT3ABKmnr7vzA5IFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIOEI9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTg4NDcwOTIzNjI3NDgzNjgYAA&sigh=bTeIPrMrMo4&uach_m=[UACH]&cid=CAQSGwDUE5ymicDSUD4rQr3SeXWa34VpS9G2CeoZKhgB&template_id=494&vis=1

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C9B 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:03:18 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame 0E95 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:03:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 45F6 0
20 B 80ms
80ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=58502508168&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 45F6 0
20 B 80ms
77ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=58502508168&version=m202301230201&ct=76&x=1&cor=5264984038530072000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 45F6 95 KB
38 KB 90ms
86ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlIFif50965mPhZhfHxXzAl7AGZMWGMZSctXGPTUzh8RZg4gIjAoKG3ST6EEvDIdc089gXFTmAkeqpavZ22ZtPhm9qKtplEvo8CVnyKjUUZVpK9OLKGA9WJgW2yGn6LHsoTaZ-W_ZvzbegWAxNKlXr7FH4iB-ffSaTvEWbiCSYIdbpBAk&dbm_d=AKAmf-BEpLZjd5iVThgrqZQOj6210URqOlwVCl2gN8XKVaC_rY0XPfSHkI5y-TWvSzcOQ3gyjapfp7RtdeK4G5-f5Uemrf2r7piBfN-5QmnfhwOgaK3DsQ0EPPCE9SKQdP0PoPaevFd3F6_mzNKAxFqgj0kuiJVqLcKmhsPj_yKO_1MpYpkd-SqWdaWtESUqlulLmF58_Ayt6Q88KvVuO9ocNQwCdqk3m8kgjLaLIN-TAYRB1pfG62FBcfJEomVvF-X4bJpuX6JS0fGVHclgw8nTR53Q341Tt2N7UGfg7Xc--mt07QDjBo_vy16Yi_IhMQbKpQgTrKIhrEQLSgys_8JJ1C49Ke9AqXZZOrBYJkQk9mWn6A8xCEsUnycTpacZFsuhTC7Ap4MRoit7FnHerhwsox8nDa7-EX1hNflx3DsxMero04vlT0BtxLeGqNnZ0w6qCWZQsV3HOkhQdaw0uFnYW9Tn07qU7ja-meVbTGkVnA4VzDfuG-Lhj7EmNmJlKpKDSPDWjN3RiENK-l8DZBrRvJP1Hr_f9wNbOVEwXKlUa0o2-wbFcBdVA3HqQJvqMo2TWwGnVzyCC_IdDRnjlZhi5F5mnoD6PBUfwQODqs_RkIxQjrlG-LLlpnq3JKll3f6Norr7J5Zn9GwMXyXUaHrShtW7ybiB1ksF6gVteBDiPWZKVxtQ0XzFb8iZcBoxTDkHLdekTuaqPDCTNKrs68S2HVSJtx9BO10H3JJ0CLMeXUigCjMxf5ZR9Mnkl5yVsJhUDfb1_syzkkqOrSr4bkBQnc_Ir92L68yUAKhFcJQ_l6rjZuNJ0_kXNbvavpabPPWh3aAthKyLGASNedZ_IKsHs7ERKtyxgHinhtdUEAHRzJfZC_tXWpx5OqtasvSzUUYqsK5GAOcGACwNlh7N5_jaOLaKspHyYhsS_QbyfZChIxPJPbaP3CmRgRTUSrM2aHCzWSgPSxTGHMjYt83Y-GRAUNgvumzs7SG8c9_kWGbRpk2y_b_MZidQaSIi3qsp77aSv7hViDbwmM_UGQJQyPKOfpiplA3ZkG6eDfLjQXJYHhkV4HbFXi3Zbxj3lEQ3pIbNs45AZK6_1vP7k9G_b-56LNVfOemftXRWEMa6SP6uK8zVtmJXQ47dpAK76REgyC6MSm7jCCg90NGXDdJgdK54Zf0nijeAILr9jxSlg9cYtNHcyT8PAXkueJXcWNg1WK7lnnga60pw1HgYCUja3mNosnh-fnePFoVs_ukUpQBNnM0ep5SDrJI_fVD5LALSOxV-n-t8FGocc9eEFe4GOn56AcPPECbB93rD76I1lJm_ksuyRqz3IXFPHIl1-U23RevFMBBADWYYjY0HXB4JV_sMQieIK2a0JdkC0r0P9rKB0aXfz_7_emMiGe1TKRyVOrKn2h2CjQLaG13uAhHI8E8UNplZIXppkUnE-Hie-cqPTZ64nZvnh5ZhewckslSm1nFFQDKD7WWjTNc9Sh1cZZJ-t4kglP_lWUfGBg5mN4CY1yuquSHojxti0f0QFnq6pexn_ZSDh1EODXK5HogAKJD2a36TJWO0UZAneZN4wPqQmvB-HOBpDp127L9_77l7rr8qmfBxM4E0x6L2GAE_YPUQvop7tMnX9ccT6gjA4uewZCSmp3hDDBUvE13-b_QOOishCX6gw48eBioFCueAqNiByOB2mFj-caJzmFUXbpuwzDLif008ifj6m7rSxvQG55KnYosyjHyNDB4gUmv3d7SUp07rV6SkDcD1iv71O9xw7mCraudoopctqmNA6DSkAxvH4GdzCYGENYyAAaixRkkEFM7-_ngTt5Yrw7HWQaSBgMAmWteiKhO-uz1ncw-4EPEYSxruLohkFs2JzZ6-vMg_E8zmSafdHyxEhOrxA00ZyQHPEFhj_DMbqL1CA-70k2g_cdPp9rzUb-NTi8NwsVRogUFrnzMbPRFQgwN3fZWnC_O1750NkLXw9v0JPoTUwfgnPGgWu3IhUkgto5yf07HqsjN6Y9d-cbMnVH-z_OYUrXKtCPMtKkzoJPYue3hbeV9THqaZQQYPPt_1n9QjI8XpOd1hhwVhte3-DNuVhIaSf2KYwSwy9PGxg71xnG65j3qdTlZDoY6LfNDaphYEWh-F_uvRCps5AKd05Msf83H3nlyN0IB8rINx927V_NdOa7przYhxYNnMWs3O5VQ1dWXYORNWxjBh0frT0F4JGRDTlKLCo62SG82oAyH__HPOEyLHYyON26TWj0x4JKHtTS1vbeYNu6t1Gcdrvi65eZwnzdVRruKAEE6807C9dIcKy4p9Mu7YZKtUM1id1sQFn4_L60dyfRq15KQtOzM8R906M4329uxjBKyXn0MtvVfI7sxLHzpzO07a0JIzMX45h3yuiysrQ_aAE3QT0Z9Jnw4zFn1gcLMaE6q1os8jk4_VX-ZznLnV-py59icTY4ns-XtcC6jQV_wunO24BrGcC5Pki78wvd0hHvXkPqnbLJ_xii9TAS0y2MaORynaAugSKXHvOmvtc0FK53UCaS24R_Uum3grI27tEF4MclKxEkzhzosDK9XB0wws3n4CkBSMThEACUHtsMwqr4J8FACPlNFuhWflvcdIGGBGTcGuFHqUNN_joQcZnraOY-W0k1UiPl-JibLtahzUFvyPc_zOl5sgqzjy8fgrLPj_XtIF1IxxSbyYaYr6A5Ww17u2q8aNvQhIB-h4vWYXjm-_JGU3YaV9TmKDQ0IUWFwtSSbztshLNw2mgCLxhnrTSEWGHgkOepFacVssKT400gPpEJsxyeRSb1vcMD6_Itpq0pS9W2sc8en1o7lwSrr2eg6lr1qNKjKWBPAiiKcjPmAn6wtrKoVZaVDp05NalETK9Fmf1MHAJrRXoS-7FSwBWMv-ecfhUeRnBSkPEOredHqxPxIMx9EF5rsBsbMnGz4Kex56j81VsHcBu4bw4WTiVfHbgm7GQZ20uBeTAZjwVC5XlZLB5dTZ9TxHROFlPU1tskVCduC1coOwclLZKvcBMRfSo6L6lQqs4o6tkrVO-q45u_yF0gnSAphHEFHYQEtRWEzsOUDdpzWmy5U1k-B4-7AaL54dGfQcyLI7FInq8aZwjmXsepXjpM7KAsl4wSGyptONnI8WO9jodC8m0i4RsZ_iviV60w-QYwn7P-P-RuvL__wnKGPs0EkYoNY_UP9l0WkEHHU4H17I46fv3q_3GwbzI370oa8bkXWxijkW2-NMdXDPGDv3vYRgpaypbuz6YGYr_xdLpqOX5zfykcEk8gaCv0g3RqUctY9S7X2r_RLF0rlbSA4yeLZ_Jt6e314uV88tOkh2MfK3ywYTg2HH_bETsgZ2_T1qy7M8OFAvFaDFTvHbiPm4YXiQk8TjLKeb4DU64NXwvoU_CLbbWtNE&cid=CAQSPADUE5ymgzSN8YqA239pyrcSv-rW6U9e2B7ZWUN4yx-qzHppaRDQnaEJqKXvstikIlqb03q_r2lsmu52QRgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsmiles.iclou.com.br%2F&ds=l&xdt=1&iif=1&cor=5264984038530072000&adk=1726166460&idt=148&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1677789844&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1677789844584&bpp=1&bdt=1936&idt=-M&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sFQIBunTGM&p=http%3A//smiles.iclou.com.br&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame 3F57 36 KB
14 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Axr8vI9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:03:18 GMT

GET
H3 200 9270407986603991150
tpc.googlesyndication.com/daca_images/simgad/ Frame 76CD 13 KB
13 KB 116ms
110ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9270407986603991150?w=180&h=360

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13277
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 01:31:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 20:44:05 GMT

GET
DATA 200
OK truncated
/ Frame 76CD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C31B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

81ms
64ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
expires: Thu, 02 Mar 2023 20:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:44:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame 7FD0 36 KB
14 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: contatonline.com
URL: http://contatonline.com/?Axr8vI9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:03:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 76CD 0
18 B 95ms
94ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cav0fkwoBZKm9FoWqxwLb0KiwCbu98qlt0e6s4vEQlMv64J4OEAEgkLCHE2CVgoCAtAegAa_4lPwCyAEBqQLRzaGzwMyxPqgDAcgDywSqBPABT9CQug7nuJra8F8mq6nLcJpz_VMfwoDDZGbADFWCuMaQmjie_aApL0WcfnOqM4K6anHIin1qTXeDCD32FFyIfDmhKpxJVAfl7K2P8I34FVX5WhGUri66WTE8rp6ueGwQtPcM3GJi1zuVLBA9DajMdEV09kH6M55BQp2ztR1EOtgDX9wQl2nNNqJkYtLf__PSzi0fgMxwiEUb6PVrMvXg_yW0IhMkIVt8BBxSDfHtiQjPTijmot4YTFCQz3-bxTIv9s4JuSte5VJM_nMNObtkdFonfphOBRkKW_YsJ-pAA9PywNfzMgyZsQvWlsEwl3TowASj4Mb1qgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHuYfrgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD9-w_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=esFi6ReVWuE&uach_m=[UACH]&cid=CAQSGwDUE5ymicDSUD4rQr3SeXWa34VpS9G2CeoZKhgB&vis=1

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 17AF 0
54 B 214ms
196ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lerkr6cf&c=3291910163360&slotId=1645955081680&qqid=COTg6J2Ovv0CFYa4UQodSuEPeg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44731965%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17AF 15 KB
16 KB 60ms
48ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 558374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 09:37:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17AF 15 KB
15 KB 67ms
54ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 328499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 01:29:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17AF 0
20 B 95ms
83ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C9M3YlQoBZKTCCIbxxgLKwr_QB-LXw9huuIuvtu8QwZG87fQvEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMByAObBKoElQJP0PMZ3nkGNqCxSRDBCbD5CZAd4be2F0FEvSNJLJyAd4StuhIBEtS8vO3DPaMbD6PvxeX0OCuf4E5u1pHypm5k6r1zClcXKodG46SbESHLASOaZ1WMVzTrAZq2i6yqVZr-d3Jv_xIpTn-qXzYIH2udpBOvTwScWxvgqm3snXA06OXUCOyICOXz1V_uBURX5sxn3KZpQcpg1p2DVewrCQjghAn1O1UnA2v5_0t1NITCsReIHSzABcfVyGmahldhO-O8kdpFdYGU7sgnBtzdnxePhYwk5hXxI8fS8CjBwVXAi8M2k3IZz_DPfFc2lflM5DtEWQGczNi4T2v7dEVwxsuDQ7aQ0FkgNLVM05xenJPrBB02U34YwATpj_LtoATgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOU0bES2BMNiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1677789845886&ai=C9M3YlQoBZKTCCIbxxgLKwr_QB-LXw9huuIuvtu8QwZG87fQvEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMByAObBKoElQJP0PMZ3nkGNqCxSRDBCbD5CZAd4be2F0FEvSNJLJyAd4StuhIBEtS8vO3DPaMbD6PvxeX0OCuf4E5u1pHypm5k6r1zClcXKodG46SbESHLASOaZ1WMVzTrAZq2i6yqVZr-d3Jv_xIpTn-qXzYIH2udpBOvTwScWxvgqm3snXA06OXUCOyICOXz1V_uBURX5sxn3KZpQcpg1p2DVewrCQjghAn1O1UnA2v5_0t1NITCsReIHSzABcfVyGmahldhO-O8kdpFdYGU7sgnBtzdnxePhYwk5hXxI8fS8CjBwVXAi8M2k3IZz_DPfFc2lflM5DtEWQGczNi4T2v7dEVwxsuDQ7aQ0FkgNLVM05xenJPrBB02U34YwATpj_LtoATgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOU0bES2BMNiBQB2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 17AF 0
54 B 222ms
209ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lerkr6gv&c=3291910163360&slotId=1645955081680&qqid=COTg6J2Ovv0CFYa4UQodSuEPeg&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast
bid.g.doubleclick.net/dbm/ Frame 17AF 29 KB
16 KB 89ms
76ms XHR
text/xml 142.250.102.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CpROefy16Jdi7WcfTd3QWu9AJylZ4Dm8oWVr0_QwRxj2KjV8XaPqNOR-AOIpg5JnwR5WQBpyiY_8BkaNMIgfvseEpnEw&cry=1&dbm_d=AKAmf-B3y_89eFsfXjUFDHT-dudf9mPxgQ33rSIKT9jBsIMVYVVw551MqX6UhrkhKqcxtG1Tt9RnxEtEpUUZQGqtcafEA_O9b42O0a6AjpeEMSwf4UJSWFwBRGXL4nr0sdhj4bSUET9QgWCypyBIuZFNHDFwQSjRYQl0GPBIzA_JsyhXfg7UDkQha3Bvj1VQprBISSlD9xdvvOXTFZfsBWs9_8aiplh4S9s0fmfqg9dCRgW1aHlz4u4PFpuBjRDuvZNJGfEOnGaJO_OX81S3Vquf09mTE_zjtEHwpjOJkB9FIwfSVK_uFYjW2wXYCHPk-G2jVHuxZI_bgvJdoQ8aiYqQ_1q-FRWyQAQ_BEeeCcC84UHwOguB3Qs7W3GCl3vq-fNuVDlWnwr7xphHY3GbITPMMtuK0BnXvTppr8YMWze_O_wJsC1dHzVGyjOWiKJmv86wbJPfeIoJnzy_Q9BTvX-i7LKM2yP1FFw1uoWe7B08kh2NuqDr3uNTUOoBrlL9Dqg09dYh4D8jWXU7Hw4oGBZsQ-Lxqs5naGVZzAJ3Q8ZvcmY7Q6laRAilwsqDBAlIPMYMeJJFE9fzV7JZi5jkfCM5lHNP1IYEQCinl1aRe268hL64Az5c20nTW5rqd40-LYTROofzm5nz_R5zmrGLPZngr8Eaz1HdGVnPk1h7PZwVgUjSDrWtOCcjv8p22am4DIrPf6lJlxFHbfzJlSQ01eMQGw3zhirs7nsKIy2ImwyVhdrgdKYu_lUCpS2xzc9yfdG8QfGQISEDaS3gmGcCIjXzYUrFg6rm6zpquAHUnnjy5Z_RAtvhDXZpz1q8Z-USrxOSPaNuRQftjvywv8SRbzq9nU_NLwBqyfk4nW9i7_JI4cCNo84MIiNZ7iI0bDoqLH0iL7OVI3xY1EQhmbISBqdeN1svLmPZiUl0eveV1IAUQlEe5xvz-Z6beSDWupFr2QLGKIrr55lcv-8vnuLZtAUprCVIVabl6P6Vz3xEIXPDN_TOoegl-0d9P82NM1DSV4tnpLi1bzpyvZ2q5nB2hKKhDDg5ZI3bnat7QNapphRJVyQzu9uia3mDqdpICE-2iHNoXJ9k0BAvoJKVUZiVBXBx4a5TFTR0e2A2l59LmswPEVcym2-I8ojcuTdcwWpFHBtTvwhno-sWziW_B_Q_nkho2xXZwu7_ShV_gHsXvjTgHgwQ_lPCwhJCEccuSZT9bghqsW4qSbw_9DnNbbYjPO4rwHN3XdAVRezncAxvDCCX5S9R1Zlu-AZ_IL0YiyH6DSJIuGyHy5Mqee4UsM4oywc5LfOe-lmFpOHl7liSx7iRpsp3kRKENQ22sj89Ux5ZZAzwAd6mpO-5UpS4iI8W1kgE7HWNOSX93k_QTnKdZjbmOttIZtGhbTvFV_PlFL2swie0CpUGXaOLPlQGZvuq9iAF1qCQTuhWxcZN2sYdD3Kaplz7TlX44mezXaMMIFgiidkKt2rO3seBdpAq6eu5eQ6EfBZp20ve8TVDmD5MipeEdxndoqfFW2cI38mX2MfVsgFYDKLQQtI-nhSdD_xVob6eBcSnfJ2n518KVa7weUW4tXEGY3PRxjENWGa3RkqN-u2xbFSUk2fURf4fBUv0dsTk0we4cwwuAQJHITJW0SQiPeVKqEHi4_2YmeMr9dkxPmgrPjSDoALchQJMWz7tNDG9jba2jhdSLrtSgDkEFEuUnTQsfrXvxG0pNVUZ2A3R8wg5G0ALufB-LM46vhostdtPQmsrpHriAouNJYiOYIxSFMqDZDvIUM1xITVSB2FStbkOF_vCFywXOJzS8zt2GQmh_AKyt1HxL0cxFCSp_0DsnsncLqbFwmQdFVUbeYq36Skr-kScd11tYBDdyBzqY-68hqU8BJ_ls8fL7EX_arBv7cFPUPH8Dasumpa_NbTjRdEBOZUdmAfaMWugIAPwPjGwnZmITzVkqqQH1v1uw5CSjupxWbUYsEOci_Cilo_BK03cFSLh6hCb2iFC6by_AuRMa_cyne987n-o58Rtd5v4EDFOBLudCTSYnqf_29e_ydZT24Jc8KjmutYkOqNlkq820XPvxBnAPUUMfvAmaW2MjItZi2uzqMezIRY9_A6X3grF5XwmjkHPKKhtZ5y4m57pqzo2P2a0DL_-BD2rUpXL87_vYEWbyUmdtUNC5uZ5-BqadyhTHq9lqH0jtVCumq_JwquXVYbF9OjPQ3wQS6SkezWHEQddnHHhrxfQ7M26EuBZvG47Ek_RlHChHYVUEuwia3fsn8SuCkGfmHMgiULLnhH-82kwKgRjtO3z3c9XhWlaegBqLn9xQ5HFF-53AfmJeL3yaOo_vzwjaAFlDU7rwrebTByN6qvNI7u6draoS_6uDVEPKuJ0YgsvgoOUoVLrlfcxX5-1M5FiWz08DkmCVht7u0tKQRGQQm6JEXwAX8-oHOPkepAZOuiFQlXwvrNNNEG6OCk0SGbUwUQ4Od6Pxx9azUIRDZmjWmVS6PKAOl4QE-ck6a58HVdf-WV1Q_1yh05yr5qv1Y6bU0XSzXSLIAXw-GHLYbAfn6vynPwAWx9FWpiy2dNKPMB39d2xE3HWbhC2Zh2vx23RmratAGuIY5Q_p8-H4W4DCjbzvy2y4sMtOHTJCgbOo-jEZ-FwVz_GRC0SMxbbeo4y0u_OzZJWg-nm9DKdqxTncAwcCiErkXKGe9IdHUYGwLrNlz1s2fP5-em6Qp4tz5aqX2DH0hvWr3V8P2P_isHPHmb5Tm1WF1tnXazpsbAjAgYDQ232T9PCeZpD2PKKWTzg4BJVIcUZjouK-wnKy0x5FM8HNyCKNjAcBP1Pch1xFAY9wSEO7_HUAlUHfl2ZrWeA-paj7KdBr31xdiTTqEXKVCf6v8p2tPC9atx8pLq38xCMBSNlMO8Yc0jKyEt0rdjkvBupj6ry84IlSsxm71dTlqzioKr5p9bx1Is1YlLoTWDPKxxN--4IAfBVVYGObBnlD9tdI3ptkYce-_l3unJvfUjSEEKpVp8oEaG-6TssEjRXdu72yoLmXMkBgrmdgh2Z4Js6PBBBl-GmD6Snn5BO2rdeVVcxnljb-2C6Erkd3KnMeiRuVbORu1sKkHkzVWsZIs4cH-NJ2-9oVJ5Wu_tcdiwcwNwBjwm1MTLMLp129rNV43fo0SXCul8htRFPhaAsRYS3UXNjQL6dJiwJr08nukB3a2_SI1oYPKs5iEwXisH6IUFO1v9q3v4OQxYqeDpMIL3m_-2CUCPbRir71co3bmcPMuCS5M99OGjgOb9M_f_vlz4Wv1p8uI6sACWGFQm3ZH8cBiTGhSJbVSUtOlVxSd5tHJ9kcchQlBboV_Yj63Mt0m66vHLRUinoj7T5LpDenAojW1jooB9J6Z7i54RAd_6wpbYI4ijrOB2rvTO4&cid=CAQSPADUE5ymX4iYpolXG5TroHGNd6MEgHmDlWPoyBYcWl53XjUvaZ-0_Tw22VQ2sSumKbAFXr-vD-hJONjx4RgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16257
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 17AF 0
0 95ms
84ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CahjblQoBZKTCCIbxxgLKwr_QB-LXw9huuIuvtu8QwZG87fQvEAEgkLCHE2CVgoCAtAegAan_5cYByAEFqAMBqgSSAk_Q8xneeQY2oLFJEMEJsPkJkB3ht7YXQUS9I0ksnIB3hK26EgES1Ly87cM9oxsPo-_F5fQ4K5_gTm7WkfKmbmTqvXMKVxcqh0bjpJsRIcsBI5pnVYxXNOsBmraLrKpVmv53cm__EilOf6pfNggfa52kE69PBJxbG-CqbeydcDTo5dQI7IgI5fPVX-4FRFfmzGfcpmlBymDWnYNV7CsJCOCECfU7VScDa_n_S3U0hMKxF4gdLMAFx9XIaZqGV2E747yR2kV1gZTuyCcG3N2fF4-FjHznjwSwVZRi9ilmPQIs4qh2bbwq9C37f9Q622_uv01wGRIPR5Ctzl1ea2hTSH5cE1dacwwsaZFs9JzOOIb2ngPABOmP8u2gBOAEA4gFx7OHsUiSBQYIAxABGAGSBQYIGxADGAGSBQoIIhACGAFImKx8kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELiVFRiL0_zeAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBOU0bESyBO5qeHhA9gTDYgUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=OIGDIbbTBiw&uach_m=[UACH]&cid=CAQSPADUE5ymX4iYpolXG5TroHGNd6MEgHmDlWPoyBYcWl53XjUvaZ-0_Tw22VQ2sSumKbAFXr-vD-hJONjx4RgB&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 20:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A020 1 KB
643 B 62ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 17:13:05 GMT
etag: 48472445140208031
expires: Fri, 03 Mar 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 45F6 0
0

GET express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 45F6 0
0

GET
H3 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame 45F6 8 KB
3 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlIFif50965mPhZhfHxXzAl7AGZMWGMZSctXGPTUzh8RZg4gIjAoKG3ST6EEvDIdc089gXFTmAkeqpavZ22ZtPhm9qKtplEvo8CVnyKjUUZVpK9OLKGA9WJgW2yGn6LHsoTaZ-W_ZvzbegWAxNKlXr7FH4iB-ffSaTvEWbiCSYIdbpBAk&dbm_d=AKAmf-BEpLZjd5iVThgrqZQOj6210URqOlwVCl2gN8XKVaC_rY0XPfSHkI5y-TWvSzcOQ3gyjapfp7RtdeK4G5-f5Uemrf2r7piBfN-5QmnfhwOgaK3DsQ0EPPCE9SKQdP0PoPaevFd3F6_mzNKAxFqgj0kuiJVqLcKmhsPj_yKO_1MpYpkd-SqWdaWtESUqlulLmF58_Ayt6Q88KvVuO9ocNQwCdqk3m8kgjLaLIN-TAYRB1pfG62FBcfJEomVvF-X4bJpuX6JS0fGVHclgw8nTR53Q341Tt2N7UGfg7Xc--mt07QDjBo_vy16Yi_IhMQbKpQgTrKIhrEQLSgys_8JJ1C49Ke9AqXZZOrBYJkQk9mWn6A8xCEsUnycTpacZFsuhTC7Ap4MRoit7FnHerhwsox8nDa7-EX1hNflx3DsxMero04vlT0BtxLeGqNnZ0w6qCWZQsV3HOkhQdaw0uFnYW9Tn07qU7ja-meVbTGkVnA4VzDfuG-Lhj7EmNmJlKpKDSPDWjN3RiENK-l8DZBrRvJP1Hr_f9wNbOVEwXKlUa0o2-wbFcBdVA3HqQJvqMo2TWwGnVzyCC_IdDRnjlZhi5F5mnoD6PBUfwQODqs_RkIxQjrlG-LLlpnq3JKll3f6Norr7J5Zn9GwMXyXUaHrShtW7ybiB1ksF6gVteBDiPWZKVxtQ0XzFb8iZcBoxTDkHLdekTuaqPDCTNKrs68S2HVSJtx9BO10H3JJ0CLMeXUigCjMxf5ZR9Mnkl5yVsJhUDfb1_syzkkqOrSr4bkBQnc_Ir92L68yUAKhFcJQ_l6rjZuNJ0_kXNbvavpabPPWh3aAthKyLGASNedZ_IKsHs7ERKtyxgHinhtdUEAHRzJfZC_tXWpx5OqtasvSzUUYqsK5GAOcGACwNlh7N5_jaOLaKspHyYhsS_QbyfZChIxPJPbaP3CmRgRTUSrM2aHCzWSgPSxTGHMjYt83Y-GRAUNgvumzs7SG8c9_kWGbRpk2y_b_MZidQaSIi3qsp77aSv7hViDbwmM_UGQJQyPKOfpiplA3ZkG6eDfLjQXJYHhkV4HbFXi3Zbxj3lEQ3pIbNs45AZK6_1vP7k9G_b-56LNVfOemftXRWEMa6SP6uK8zVtmJXQ47dpAK76REgyC6MSm7jCCg90NGXDdJgdK54Zf0nijeAILr9jxSlg9cYtNHcyT8PAXkueJXcWNg1WK7lnnga60pw1HgYCUja3mNosnh-fnePFoVs_ukUpQBNnM0ep5SDrJI_fVD5LALSOxV-n-t8FGocc9eEFe4GOn56AcPPECbB93rD76I1lJm_ksuyRqz3IXFPHIl1-U23RevFMBBADWYYjY0HXB4JV_sMQieIK2a0JdkC0r0P9rKB0aXfz_7_emMiGe1TKRyVOrKn2h2CjQLaG13uAhHI8E8UNplZIXppkUnE-Hie-cqPTZ64nZvnh5ZhewckslSm1nFFQDKD7WWjTNc9Sh1cZZJ-t4kglP_lWUfGBg5mN4CY1yuquSHojxti0f0QFnq6pexn_ZSDh1EODXK5HogAKJD2a36TJWO0UZAneZN4wPqQmvB-HOBpDp127L9_77l7rr8qmfBxM4E0x6L2GAE_YPUQvop7tMnX9ccT6gjA4uewZCSmp3hDDBUvE13-b_QOOishCX6gw48eBioFCueAqNiByOB2mFj-caJzmFUXbpuwzDLif008ifj6m7rSxvQG55KnYosyjHyNDB4gUmv3d7SUp07rV6SkDcD1iv71O9xw7mCraudoopctqmNA6DSkAxvH4GdzCYGENYyAAaixRkkEFM7-_ngTt5Yrw7HWQaSBgMAmWteiKhO-uz1ncw-4EPEYSxruLohkFs2JzZ6-vMg_E8zmSafdHyxEhOrxA00ZyQHPEFhj_DMbqL1CA-70k2g_cdPp9rzUb-NTi8NwsVRogUFrnzMbPRFQgwN3fZWnC_O1750NkLXw9v0JPoTUwfgnPGgWu3IhUkgto5yf07HqsjN6Y9d-cbMnVH-z_OYUrXKtCPMtKkzoJPYue3hbeV9THqaZQQYPPt_1n9QjI8XpOd1hhwVhte3-DNuVhIaSf2KYwSwy9PGxg71xnG65j3qdTlZDoY6LfNDaphYEWh-F_uvRCps5AKd05Msf83H3nlyN0IB8rINx927V_NdOa7przYhxYNnMWs3O5VQ1dWXYORNWxjBh0frT0F4JGRDTlKLCo62SG82oAyH__HPOEyLHYyON26TWj0x4JKHtTS1vbeYNu6t1Gcdrvi65eZwnzdVRruKAEE6807C9dIcKy4p9Mu7YZKtUM1id1sQFn4_L60dyfRq15KQtOzM8R906M4329uxjBKyXn0MtvVfI7sxLHzpzO07a0JIzMX45h3yuiysrQ_aAE3QT0Z9Jnw4zFn1gcLMaE6q1os8jk4_VX-ZznLnV-py59icTY4ns-XtcC6jQV_wunO24BrGcC5Pki78wvd0hHvXkPqnbLJ_xii9TAS0y2MaORynaAugSKXHvOmvtc0FK53UCaS24R_Uum3grI27tEF4MclKxEkzhzosDK9XB0wws3n4CkBSMThEACUHtsMwqr4J8FACPlNFuhWflvcdIGGBGTcGuFHqUNN_joQcZnraOY-W0k1UiPl-JibLtahzUFvyPc_zOl5sgqzjy8fgrLPj_XtIF1IxxSbyYaYr6A5Ww17u2q8aNvQhIB-h4vWYXjm-_JGU3YaV9TmKDQ0IUWFwtSSbztshLNw2mgCLxhnrTSEWGHgkOepFacVssKT400gPpEJsxyeRSb1vcMD6_Itpq0pS9W2sc8en1o7lwSrr2eg6lr1qNKjKWBPAiiKcjPmAn6wtrKoVZaVDp05NalETK9Fmf1MHAJrRXoS-7FSwBWMv-ecfhUeRnBSkPEOredHqxPxIMx9EF5rsBsbMnGz4Kex56j81VsHcBu4bw4WTiVfHbgm7GQZ20uBeTAZjwVC5XlZLB5dTZ9TxHROFlPU1tskVCduC1coOwclLZKvcBMRfSo6L6lQqs4o6tkrVO-q45u_yF0gnSAphHEFHYQEtRWEzsOUDdpzWmy5U1k-B4-7AaL54dGfQcyLI7FInq8aZwjmXsepXjpM7KAsl4wSGyptONnI8WO9jodC8m0i4RsZ_iviV60w-QYwn7P-P-RuvL__wnKGPs0EkYoNY_UP9l0WkEHHU4H17I46fv3q_3GwbzI370oa8bkXWxijkW2-NMdXDPGDv3vYRgpaypbuz6YGYr_xdLpqOX5zfykcEk8gaCv0g3RqUctY9S7X2r_RLF0rlbSA4yeLZ_Jt6e314uV88tOkh2MfK3ywYTg2HH_bETsgZ2_T1qy7M8OFAvFaDFTvHbiPm4YXiQk8TjLKeb4DU64NXwvoU_CLbbWtNE&cid=CAQSPADUE5ymgzSN8YqA239pyrcSv-rW6U9e2B7ZWUN4yx-qzHppaRDQnaEJqKXvstikIlqb03q_r2lsmu52QRgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsmiles.iclou.com.br%2F&ds=l&xdt=1&iif=1&cor=5264984038530072000&adk=1726166460&idt=148&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:35:38 GMT

GET
H3 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 45F6 28 KB
11 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:38:59 GMT

GET
DATA 200
OK truncated
/ Frame 17AF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0CB9 0
54 B 202ms
198ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lerkr5o7&c=7849246859469&slotId=3924623429734.5&qqid=CIuGoJ2Ovv0CFXPl5godlSALFg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 17AF 0
54 B 219ms
202ms Ping
image/gif 2607:f8b0:4007:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lerkr6h2&c=3291910163360&slotId=1645955081680&qqid=COTg6J2Ovv0CFYa4UQodSuEPeg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:814::2003 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 20:44:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 17AF 41 KB
15 KB 58ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 04:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 04:18:25 GMT

HEAD

file.mp4
r3---sn-4g5edndr.c.2mdn.net/videoplayback/id/1e2a706195bf2ad0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571481/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 17AF
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1e2a706195bf2ad0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571481/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-4g5edndr.c.2mdn.net/videoplayback/id/1e2a706195bf2ad0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571481/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

GET google_pixel
ads.travelaudience.com/ Frame A020 0
0

GET sync
x.bidswitch.net/ Frame A020 0
0

GET adx
pr-bh.ybp.yahoo.com/sync/ Frame A020 0
0

GET dds
rtb.openx.net/sync/ Frame A020 0
0

GET UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A020 0
0

GET rmpssp
sync.1rx.io/usersync2/ Frame A020 0
0

GET um
sync.teads.tv/ Frame A020 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A020 0
12 B 81ms
74ms Image
text/html 142.251.39.66

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9em9IauUZitYV4_UJ2O4tjqOzYXGc3zBv5aebiYi3GmOGUHygsAqBlq2YbL6p9rbgBRLgwA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1677789845&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677789845083&bpp=2&bdt=2435&idt=2&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c688d6ca58d3ec8-227270ad3bdd00eb%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w&gpic=UID%3D00000bbdb530ffc3%3AT%3D1677789843%3ART%3D1677789843%3AS%3DALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280%2C1005x124%2C180x500%2C180x360&nras=4&correlator=5243333977490&frm=20&pv=1&ga_vid=1864907486.1677789843&ga_sid=1677789843&ga_hid=1726339460&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072727%2C31072730&oid=2&psts=AD37Y7tzSAxGUGougtvZCrWFXKft9f5L-41sQlIIoe40BhSeb_h0qbBkVGHzmMH6xqSzsLI_jvGcLLWRF7BJb_tuEg%2CAD37Y7u56YM4OAfDCUBCwTqxxliaEGTMtifVuW95jY6Bcr56RXFGsWdpRTaxBtMUoRVDfxedwcM4Hqig7n9B46M%2CAD37Y7tULERFx1sNlYONmq9eNnobOp4hM4H_ER7VGITjIQHKtdHCTaB0w3STXTm2shbuQMSCw31UQUxpZCjsdtk&pvsid=1648393550874032&tmod=1264144212&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=JMJtJbwmnF&p=http%3A//smiles.iclou.com.br&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:44:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 45F6 0
0

GET cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3628 0
0

GET
DATA 200
OK truncated
/ Frame 45F6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 8130 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame B13F 0
0

GET load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 7420 0
0

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 7420 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 7420 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 7420 0
0

GET l
www.google.com/ads/measurement/ Frame 7420 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7420 0
0

GET 3d1f1376e308865cf68987b0ba581d94.js
www.gstatic.com/mysidia/ Frame 7420 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8847092362748368&ias_chanId=1&ias_placementId=19422215721&bidurl=http://smiles.iclou.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hR1wpeqS74qdXzhkfx5_BR

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Domain: r3---sn-4g5edndr.c.2mdn.net
URL: https://r3---sn-4g5edndr.c.2mdn.net/videoplayback/id/1e2a706195bf2ad0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818571481/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/19360CF7571F42B8A08BD03C65411011B8D0B05F.79459C2DADAFF5026C55BBE6C9E3CECA06EC50E4/key/cms1/cms_redirect/yes/mh/lT/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5edndr/ms/onc/mt/1677788370/mv/u/mvi/3/pl/36/file/file.mp4

Domain: ads.travelaudience.com
URL: https://ads.travelaudience.com/google_pixel?google_gid=CAESEIEMYNK1RaeJ_jqmZ_RdRo0&google_cver=1&google_push=Aa02lx-1iXCRbruzPwW5JVmobe4vzbCdk1VxER6-FnYGQw4DF8XllNbe0_zwu-Qt24vcOw63u4HLiuTPTwKAraBeZ3Pycdlh-_Uv4H2CC1vasikd7a7wik-Vs5wxHR9qUldY9DFDefFay0hHfKo

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ2uoOaz3MhWWTTxHiAOr3g&google_cver=1&google_push=Aa02lx-Y5zydw_qyQEFgQfUJOal60Qf-aIK2xJtMrs-0WnJhEyv1y9tTtkl-ZnKh9z1zRKrdHWxBUchfV2It7HWF2gOHRpV3b1cvdf9Q0OgJ6tYnuXoTYnZfwXl2BN0xF3lWzsDQOKreH--Fg7YO

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGh8O0xDU-xAg15BpOFnw84&google_cver=1&google_push=Aa02lx-F7bYvRsss7DhOXmNApzvVXYXBrU2GGHwV_90A9IsBCMxiMy_FkatgVcTFls5Ez6us8V5rIroMmbo46ZV8Pku4Y-OxtM1IA50uZLRZFHH-djJ17zMugjAWs-8LPyPsRX7s0SNO7xMOSk79

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIP1-7763zSiCQ4aztGQZ6U&google_cver=1&google_push=Aa02lx9KGipfYbQiOhD65xdKVCZKIMOvu-ypGEHMpHqhVxcbzUWCvvOiXYQZX-l9E8uVzb5b8RiHtaNGpJ0sStYozuwY3vkQSnXqpnHu9V0NwNvGsLgrxZdBxYwn-MBSZuNW7ElHnefr7-PbZI5W

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBFj58IcFiUqB1vKchXd_CA&google_cver=1&google_push=Aa02lx8l8SCu5oGU-q0PY-XCQW4cucmPeTVeoAF2ZngmJ6pamz5RAqOHWyTpxr5Iw8dONfRC1Q8RxKOR5fw4lO-vUGtOF14vrRwYj60p6p7f1vgcMynaplhKRi-5veAe6XHvSpSpqFOpRDYEXcgV

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMCx3nMvcAAX1U9JaXNI470&google_cver=1&google_push=Aa02lx-WqDKUHjb8OpB_J7L5J9bzWHw4lDFJys98iOYflYF8k-5DRzZSXk4VIvHoShvHqKrlbd0-iF3yZOGjb-o12wTvk0z_I8YXAlwSn9TYTt8LVRpa9U0t5RXGhH7Wvugr8Uy320ladPc74btA

Domain: sync.teads.tv
URL: https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKvDEZSgXACz_vEevoHasFE&google_cver=1&google_push=Aa02lx9DnjwWQUzcmV0kRXF-yQK-bUdkER3WV-BnakqygvFxpPob8_g24Zw5hEHePHtzru60gMIUaOdYd8HxASg3HLXfJTgFONtBCLp4mXA7_a_wavwODsFEvzBlP6wzGBpoKgvbarEKp9BZGuNE7w

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BgQlKlAoBZI_tMMWlrAS6yrHwDAAAAAA4AeAEAg&bg=!Y2ClYDTNAAbv3-2Ez987ADkAdvg8Wm9TqvEJNcDJVWiTTbgC-b3DgXFoQZ3-lc2Tm1nPKvrTXvlOmbzvcrlSVXaTTiJeFPJiuBwCAAADPVIAAAALaAEHmQLG8ny44-g6y7vUdp0me_W8PPu1_7Rtc27z-eil59pFxnjWwSFXI7iBJyRekEDdQffSmKkPp-_0N37UGWXYPZSRjFYyslrFdOY79aMb1bervpn8TbelkMJxVwAaZv2PEniiXNffZOGSQONUdWx_3jR-7_Wjn0CzEX8j5mm2I1S8CFi3HOZrIp1AKIj6Qdk-DXW7MsCvyWqp-ti8SZ9y3WCEX_w3ifIxqAcrMJZJApPYC5IFGbvGvHCXqd3IbGzFkbTkh3zsgJvGAWWsGtRDGyx3F9FfkEOo5x0npbUxW78sQxmYKK3IQOtOxpsRI6-Myjgz3LzLLnUBHdGkXFzHNJVLNC90ldE22TlwrpIOd0-_Uki8lAMG8V5fu_kJQs4i9JnFkaiM3JH3AK_SWNm8nNGXCRNtK9rheRVN8bK51eOa1TZ5bsjE3NUPCguLawTy8P0YnT8B7Gq8dhTFUUG9qb4SEYj6jwN7o5oU1XxnkVaEHPx74o7CV8wEXdE4wJSXhrQpLELRer0pFe8ovVs4pDuCgjso2YDlLcPHFs0ozKqTA8xBJJYK8q8cvYp9W-ZdXxtPExrwAIuJxAsdZV3rV8Smeu5GsVvJ8xLBoS38uFLr5QIUCU7iygBj8kFUTEK8sbS2BQyHLhnVkvTX5-O48-HD7NAbsleyIXTNhoSMNiiQETmWs3M8CxX6vU65vSsh9k2TQtllIyNsWrspxxi6PneeQeewWezQqUKRzGSopsn3yQNxloNGWYU9xS7M37ykyTwpIItNL5jfqbKNC9h3v96odL2Q4LvTU1TlYABkUPuyrORe6PE3XgFpZAQ3mue3DSwBpgC67CwZTUCnLmatxRL1RwZ0x3EaxYr3PkKnceMeGxvvibds8YegzKcSOxh5CDSCdzaS1UUxsaCzqecrKAIMFBXCYRwdiNqBiYusKgN2ydnyGAmOPUs

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7eA4ntcxWxw7I26JXCJZ0m4kbAmEmpJzW2J8a8RZvZH2_c5OBw6PUAvBoR7zXETRrD2zDxEv-16aPmDVNJAn-S6FPRA

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iclou.com.br/	1970-01-20 19:24:45	Name: __gads Value: ID=8c688d6ca58d3ec8-227270ad3bdd00eb:T=1677789843:RT=1677789843:S=ALNI_MY5Ud_xSH19Jh5egLsZ80HyZr8U5w
.iclou.com.br/	1970-01-20 19:24:45	Name: __gpi Value: UID=00000bbdb530ffc3:T=1677789843:RT=1677789843:S=ALNI_MbVQgDNWjImnaAF6PD4DR6-tPhHBA
.doubleclick.net/	1970-01-20 19:24:45	Name: IDE Value: AHWqTUlQgkqR16iSzHwVgmaZMwuD-IfR1EYapZmpJuZT3_RJdsm4lJOyNvRj8GGklfk
.doubleclick.net/	1970-01-20 10:03:13	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 12:12:45	Name: uuid2 Value: 6876026875733637144

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.jsdelivr.net
clients1.google.com
cm.g.doubleclick.net
contatonline.com
cse.google.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r1---sn-4g5lzner.c.2mdn.net
r3---sn-4g5edndr.c.2mdn.net
redirecionador.info
rtb.openx.net
s0.2mdn.net
smiles.iclou.com.br
smilies.com.br
sync.1rx.io
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.travelaudience.com
fw.adsafeprotected.com
image6.pubmatic.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r3---sn-4g5edndr.c.2mdn.net
rtb.openx.net
s0.2mdn.net
sync.1rx.io
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.58.124.244
142.250.102.157
142.251.39.66
185.80.39.216
185.83.142.19
2606:4700:3034::6815:5f5f
2606:4700::6810:5814
2607:f8b0:4007:814::2003
2a00:1450:4001:15::6
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400d:802::200a
2a00:1450:400d:803::200e
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2002
5.161.90.154
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
0999f19a3b93b8c5c104db9849603936a3cfb3f1431c0e03d74d8cc36d13066c
0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b
0a8cdb437b98ef34109aed4292ed66a432a9cd426b0fe2d6747fc6c46f0f21f0
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a96675f4f19667b1f329c36f2c16cf3b62760f7b484946bac5aaff1d9ddcca
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06
418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb
41a7dc5e797cb9512d4641995cf30c5e2f4d8b999757f8cb78270c3490390f03
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
605be1b13501b7a1c80398c5e8849e90d770b49af06fc4599afcdfabd025f91a
60e1069667daba2511eb0b7dc17a29604029127998f853c7263d5da9eb4db597
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a9e5151eb6e27c499d5288b1620fd017196a800d43f7d80e19a7e65b5b59668
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6ce28c45d8017db8cc043a676a050a5079f5ced1bf29490307c8ad1ba4f133c3
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf
7b7ed369c9ae686938e7c88b6252eafd6650c76c61e0f749c95d4c8687b35cce
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb
8275a1832029640448076101960837d5de803b1db3116f50612e3282c80650ea
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3363af8f57042aa97c25136dfedfb50c82657ffd86d4a60e92494b6c7a6b2da
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f63ffc99b8c409016c6e10dbe5e130653b2bb64442d29e6ee18e5b3ef5d6ae
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
abad3ad1dd4095f61287e926f58bfbf4d041e8633891304599d8bee01d02f060
aee19b0b7300c0fb39ae40d584d1f44ac815826a9ddaeca9f50c599baf8366c5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bce2557e101627ef4695d74ff1dcd7ddfbe992aede3578746e9ee10c0890ae2a
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c1c96ab2389b9943d515afe71cbea944b3e1817b128a49cfa1847338968ab23e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce5202067cf740a4ac3ef8aacdc0289a3bc524b7c12e060b1bec753caf095b7b
d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e16091f3287ea770b873f2a8946c64570c3e51229710cb5c56cf2efed0717789
e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
eec7b890011983dd43c49ab04036ea034b573a81a8db80c665b81f0619a8a676
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68459d679310d8dea155e2c6c2e27be5fff75050494105c69cfea7b2c73dabf
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
fb2acc252c27c705c45d6416529ca9d288d8a108eca93d2a548b8526287818bc
fe210f25ffa8cb8180963416babbda9ef2f1f09110e99405e70a6a3d4ed2cff9
fe3a4cc5d7690d7e469a3e97e352f6d87e73dc877e33f024304247a6dc88f23b

smiles.iclou.com.br Open in urlscan Pro 5.161.90.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

78 %HTTPS

77 %IPv6

24 Domains

36 Subdomains

26 IPs

3 Countries

2121 kBTransfer

6617 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

78 %
HTTPS

77 %
IPv6

24
Domains

36
Subdomains

26
IPs

3
Countries

2121 kB
Transfer

6617 kB
Size

5
Cookies

175 HTTP transactions
10 data transactions