urlscan.io logo urlscan.io
SecurityTrails logo

www.semdinheiro.com.br Open in urlscan Pro
2606:4700:3037::6815:3a9a  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.semdinheiro.com.br/
Submission: On September 07 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 105 HTTP transactions. The main IP is 2606:4700:3037::6815:3a9a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.semdinheiro.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 9th 2020. Valid for: a year.
This is the only time www.semdinheiro.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:3037::6815:3a9a (United States)

ASN13335 (CLOUDFLARENET, US)
www.semdinheiro.com.br
16    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
googleads4.g.doubleclick.net
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
8    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
cdn.ampproject.org
2    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com
4    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
cm.g.doubleclick.net
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    108.128.170.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
beacon.krxd.net
Domain Requested by
24 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.semdinheiro.com.br
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
cdn.ampproject.org
16 pagead2.googlesyndication.com www.semdinheiro.com.br
pagead2.googlesyndication.com
tpc.googlesyndication.com
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
8 s0.2mdn.net www.semdinheiro.com.br
s0.2mdn.net
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.semdinheiro.com.br
googleads.g.doubleclick.net
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
8 securepubads.g.doubleclick.net www.semdinheiro.com.br
securepubads.g.doubleclick.net
6 cdn.ampproject.org securepubads.g.doubleclick.net
6 www.semdinheiro.com.br www.semdinheiro.com.br
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google.com 1 redirects tpc.googlesyndication.com
www.semdinheiro.com.br
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net www.semdinheiro.com.br
2 p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com
2 b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.semdinheiro.com.br
1 beacon.krxd.net b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
1 adservice.google.dk securepubads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
105 23

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-09 -
2021-10-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.dk
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh

This page contains 15 frames:

Primary Page: https://www.semdinheiro.com.br/
Frame ID: 57B713B70FBD306806260ABFDF77C5EB
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: FE0BCF6062B9BA8F11A0FCFA3CABFC9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1863532356489327&output=html&adk=1812271804&adf=3025194257&lmt=1630717854&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.semdinheiro.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630990005735&bpp=3&bdt=2546&idt=63&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=537052575721&frm=20&pv=2&ga_vid=389853215.1630990006&ga_sid=1630990006&ga_hid=693542467&ga_fc=0&ga_wpids=UA-1684555-35&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31060033%2C31062297&oid=3&pvsid=1298605677734924&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Frame ID: 0C116124D38A6A1740DE179A5FD891C9
Requests: 1 HTTP requests in this frame

Frame: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D6E81D588E5F7127CCF88905DB0BC83
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1886433F1CF5D7572EECB332F69FEC95
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C934C510A062FAF6E4FE4ED17FF12610
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Frame ID: 924893E40BFFF7716647370B774389F0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 532C55D3F4F835C78B1083ED2AF78730
Requests: 2 HTTP requests in this frame

Frame: https://p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 3B1EF06143A2373E78935477879D1292
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 574555FD5F89606878513143AE2A8982
Requests: 24 HTTP requests in this frame

Frame: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E80CBF78D67589D46A10CBDD38625882
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
Frame ID: 05F03C538B536D44A4FEED27EBD4E5F5
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
Frame ID: 70453DDB0CB1E416A6DC52DBB7C41165
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 695C4608D0502CB79E9F8230DF5C46EB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Frame ID: 381CCC328498143ADFF6D3D022909684
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sem Dinheiro | Empréstimos e economia doméstica!

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

105
Requests

100 %
HTTPS

68 %
IPv6

15
Domains

23
Subdomains

20
IPs

5
Countries

1267 kB
Transfer

3501 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 80
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1
Request Chain 81
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTbutoVi.kZ5oNod6pEy-QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1&google_hm=2&C=1
Request Chain 82
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDiTKrnjgo_kLlsRzaig31U&google_cver=1
Request Chain 83
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MTE0Njk0MDk3MTQ2MTQ1MQ%3D%3D

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.semdinheiro.com.br/ 		46 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.semdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f706606d4c1d2ffd2e5098a949a1e1773cb9953e61203b700a24cfff74f4e905

Request headers

:method
GET
:authority
www.semdinheiro.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:43 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=691200
expires
Sat, 04 Sep 2021 01:20:52 GMT
vary
Accept-Encoding,User-Agent
last-modified
Sat, 04 Sep 2021 01:10:54 GMT
cf-cache-status
HIT
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njas7D3c%2Fgg1iVUNeg05EGF6d5jke0QULy%2BCzjwUILO7Sw8gtECFZQd8F2SlsjbcVeGg5vo3mMOJMONycIFMY5hOs8zh2NkY6Cl9kPiGVdaGVarhL8%2FNon%2FZJazCAxYQ%2Be0j7H0SgBsXrYuwEgxPQodcweh3"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68ad4b7fd8ba4a6e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
49 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50014
x-xss-protection
0
server
cafe
etag
16429506049953775710
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 04:46:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"980 / 379 of 1000 / last-modified: 1630706924"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24939
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:43 GMT
compostos-e1606510087753-90x90.webp
www.semdinheiro.com.br/y/933/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.semdinheiro.com.br/y/933/compostos-e1606510087753-90x90.webp
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d5568c97549dd22dc3969a529ea49e28f116d62d7248de3d3499eec4299680

Request headers

:path
/y/933/compostos-e1606510087753-90x90.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.semdinheiro.com.br
referer
https://www.semdinheiro.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:44 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 13:14:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXoVjemn7mXjDQcB0juM2sMujkV%2FKXODN7%2FLYxIlADIkz0Fjv5qUyUh6b3DhwUTwm3wjhXSQjyHlrnpjGCYNva%2FYBMS%2FNx7cU%2FDoaiJ%2BEEMFWuUvnCiphiDqTjEnjTDN5S5PH0mxu8DlhJKEpYDvJAMdQHG1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68ad4b806cf50746-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1664
expires
Wed, 07 Sep 2022 04:46:43 GMT
dinheiro-cpf-e1606413878413-90x90.webp
www.semdinheiro.com.br/y/752/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.semdinheiro.com.br/y/752/dinheiro-cpf-e1606413878413-90x90.webp
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc907d023e27d4d57ce19176f3b380a1edef640497836659b2381b0bbcc56d5

Request headers

:path
/y/752/dinheiro-cpf-e1606413878413-90x90.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.semdinheiro.com.br
referer
https://www.semdinheiro.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:43 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Jan 2021 22:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9i87ZXicAiYB4bcFlayK92E%2BanG39qTUavKM0%2FNe82UB%2F3WmxnaVW%2FOkkiNpw7p1m31twWN02aqBRRi9OmCm7HYMWa7vwqy6yccBIuaNwz2TP45Gwh0ju3rmqwTMVgv5%2BVyWJ6ASNUI2rzHMRhfXpBVJBwl"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68ad4b806cf80746-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1070
expires
Wed, 07 Sep 2022 04:46:43 GMT
tipo-investidor-e1606413713571-90x90.webp
www.semdinheiro.com.br/y/526/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.semdinheiro.com.br/y/526/tipo-investidor-e1606413713571-90x90.webp
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e894d700ed15093f56d683c11b94ddba4a3ac4364f6328289e6011fae5a2234f

Request headers

:path
/y/526/tipo-investidor-e1606413713571-90x90.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.semdinheiro.com.br
referer
https://www.semdinheiro.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:43 GMT
cf-cache-status
MISS
last-modified
Thu, 31 Dec 2020 17:48:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqDk9%2BeuGyOpryPtML9r%2B79QbTRDgk8QlEPimGO1%2FtD9VkZTogEuQFWKve%2BdI6%2Bi7sOIv5XyoOYgSfqYJUoliB58SsofoIabsSttw%2F2ScPMa1I93UCu57FWT5undW9C2sscgWMcXQdJVqyGEO3ALOksX%2Fiim"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68ad4b806cf40746-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1260
expires
Wed, 07 Sep 2022 04:46:43 GMT
multiplicador-dinheiro-e1606334219856-90x90.webp
www.semdinheiro.com.br/y/358/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.semdinheiro.com.br/y/358/multiplicador-dinheiro-e1606334219856-90x90.webp
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47b7875f70657c2f4cf31eee41926903a29284f8484067367566bbb541ea6b0

Request headers

:path
/y/358/multiplicador-dinheiro-e1606334219856-90x90.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.semdinheiro.com.br
referer
https://www.semdinheiro.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:43 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Dec 2020 22:41:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF1GTkZPLsA91l5C%2BxW6aIl7IA3vMqJ%2FR02sc06jKO%2BKbk8fIzJOkzMyqoLjFKVhb8OPcj4f4Gdyuv3sKIZiIE6GBC7O%2BfNcwwi7M3PyiBk%2FsG7fezKUBMwk3%2BybSncQ%2FlNpFFMYyRmkQdWbCskT6s87atmD"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68ad4b806cfb0746-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1498
expires
Wed, 07 Sep 2022 04:46:43 GMT
pix-seguranca-e1606334089337-90x90.webp
www.semdinheiro.com.br/y/317/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.semdinheiro.com.br/y/317/pix-seguranca-e1606334089337-90x90.webp
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66c6f0bef24c44e0e1d6fa6b255760094f9c282cbb12a71fb734043530f3244

Request headers

:path
/y/317/pix-seguranca-e1606334089337-90x90.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.semdinheiro.com.br
referer
https://www.semdinheiro.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:44 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Dec 2020 13:59:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKxIKIEXjdt5bxkQ4F6aQcwNF65Be5zd1pDJ61bM%2F7sC70VLIb4dlvxVT3n6HDouEIffEc8xEATmwQWnKvzmtbXmK8F1A9M9O%2B%2FhDl32LtV3u6SxT9p%2FrFCeiTRIoKMzKvmx%2F5lA3awr6JN7s4EIrSV8rb%2BK"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68ad4b806cfd0746-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1282
expires
Wed, 07 Sep 2022 04:46:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80892379c6819fd3fac2bc7e5dd0334f26d3685b0045a92874781e3e18722f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49528
x-xss-protection
0
server
cafe
etag
9183445149347914575
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 04:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ed2e3a62be83ddda79eb1312d3da002272b51c438c3e41db9590d8040f213bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"980 / 608 of 1000 / last-modified: 1630707028"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24940
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:45 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
7188
date
Tue, 07 Sep 2021 02:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 07 Sep 2021 04:46:57 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1684555-35&cid=389853215.1630990006&jid=1926525336&gjid=1505150468&_gid=536578855.1630990006&_u=IGBAgEABAAAAAE~&z=1950980797
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Sep 2021 04:46:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.semdinheiro.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=693542467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.semdinheiro.com.br%2F&ul=en-us&de=UTF-8&dt=Sem%20Dinheiro%20%7C%20Empr%C3%A9stimos%20e%20economia%20dom%C3%A9stica!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1926525336&gjid=1505150468&cid=389853215.1630990006&tid=UA-1684555-35&_gid=536578855.1630990006&z=2050544062
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 22:01:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24327
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1684555-35&cid=389853215.1630990006&jid=1926525336&_u=IGBAgEABAAAAAE~&z=2025198506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1684555-35&cid=389853215.1630990006&jid=1926525336&_u=IGBAgEABAAAAAE~&z=2025198506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95178
x-xss-protection
0
server
cafe
etag
9330497266985682447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 04:46:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame FE0B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 06 Sep 2021 16:02:37 GMT
expires
Mon, 20 Sep 2021 16:02:37 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
45848
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2021083101.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 31 Aug 2021 08:39:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119248
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		80 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.semdinheiro.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2dcabc8d3763ed42152f14999c355cc9a5d4cea098faf887f35e8cf83a9d6b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:45 GMT
cookie.js
partner.googleadservices.com/gampad/ 		208 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.semdinheiro.com.br&callback=_gfp_s_&client=ca-pub-1863532356489327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
151780b49b7b13d9539db0642f2d707e82bee0ff903bd4d2628ee6b9beda1771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.semdinheiro.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.semdinheiro.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0C11 		86 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1863532356489327&output=html&adk=1812271804&adf=3025194257&lmt=1630717854&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.semdinheiro.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630990005735&bpp=3&bdt=2546&idt=63&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=537052575721&frm=20&pv=2&ga_vid=389853215.1630990006&ga_sid=1630990006&ga_hid=693542467&ga_fc=0&ga_wpids=UA-1684555-35&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31060033%2C31062297&oid=3&pvsid=1298605677734924&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f724c98781d62c7fde69384bebad645d727d4a17bbc004e858f99b15385441b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1863532356489327&output=html&adk=1812271804&adf=3025194257&lmt=1630717854&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.semdinheiro.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630990005735&bpp=3&bdt=2546&idt=63&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=537052575721&frm=20&pv=2&ga_vid=389853215.1630990006&ga_sid=1630990006&ga_hid=693542467&ga_fc=0&ga_wpids=UA-1684555-35&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31060033%2C31062297&oid=3&pvsid=1298605677734924&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 07 Sep 2021 04:46:46 GMT
server
cafe
content-length
29285
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 07-Sep-2021 05:01:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 07 Sep 2021 04:46:46 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6448ef071c7a1ac9dbf3c12b7a5752eb6f999bf6939d049b53f058233e1f5c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8675
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496339498273"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27562
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:45 GMT
integrator.js
adservice.google.dk/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.semdinheiro.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.semdinheiro.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1298605677734924&correlator=1298932732007091&output=ldjh&impl=fif&eid=31062461%2C21068030%2C44749397%2C31060033%2C31062297&vrg=2021083101&ptt=17&sc=1&sfv=1-0-38&ecs=20210907&iu_parts=1027564%2Csd-d-hc1q&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&eri=1&cust_params=wpType%3Dhome&cookie=ID%3D533c3e6ecd44039e-22fc3d5ce1ca00ac%3AT%3D1630990005%3ART%3D1630990005%3AS%3DALNI_MalaQWLqTf8F2NsJlZ0aVmrxO2eiQ&bc=31&abxe=1&lmt=1630717854&dt=1630990005904&dlt=1630990003189&idt=2690&frm=20&biw=1600&bih=1200&oid=3&adxs=454&adys=448&adks=1158973388&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.semdinheiro.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=787x3204&msz=336x280&ga_vid=389853215.1630990006&ga_sid=1630990006&ga_hid=693542467&ga_fc=false&ga_wpids=UA-1684555-35&fws=4&ohw=787&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1c484500d1720fd68f0bd563a9d57de71f11f4cf889ac62322a96b7d313b9f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.semdinheiro.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D6E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 07 Sep 2021 04:46:45 GMT
expires
Wed, 07 Sep 2022 04:46:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		407 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1298605677734924&correlator=3353858871352714&output=ldjh&impl=fif&eid=31062461%2C21068030%2C44749397%2C31060033%2C31062297&vrg=2021083101&ptt=17&sc=1&sfv=1-0-38&ecs=20210907&iu_parts=1027564%2Csd-d-as1q&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=wpType%3Dhome&cookie=ID%3D533c3e6ecd44039e-22fc3d5ce1ca00ac%3AT%3D1630990005%3ART%3D1630990005%3AS%3DALNI_MalaQWLqTf8F2NsJlZ0aVmrxO2eiQ&bc=31&abxe=1&lmt=1630717854&dt=1630990005908&dlt=1630990003189&idt=2690&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=592&adks=966959738&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.semdinheiro.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=357x3204&msz=300x250&ga_vid=389853215.1630990006&ga_sid=1630990006&ga_hid=693542467&ga_fc=false&ga_wpids=UA-1684555-35&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ea42299d7703348435f334f4e389bae68f34540aa47645b654bedfa08a7cacb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34181
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.semdinheiro.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1886 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 06 Sep 2021 22:24:50 GMT
expires
Tue, 06 Sep 2022 22:24:50 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C934 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4ba4f03d644108ae2dff304721f52e1effe1cb008696b92fe123a8a6c588a651
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-35gRIF/cTFUfJA3+dutc7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

expires
Tue, 07 Sep 2021 04:46:45 GMT
date
Tue, 07 Sep 2021 04:46:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-35gRIF/cTFUfJA3+dutc7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
pagead2.googlesyndication.com/bg/ Frame 1886 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:18:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13264
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 01:18:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=1298605677734924&bg=!YmGlYSXNAAYJpm41CaY7ACkAdvg8WmJZ6AEKq7SbKHjQvasyzJ0Bp3hQmLcnh5UT-A5yCdayh4IokwIAAABXUgAAAAtoAQcKAHvxqCbWdER_bTkpEWXnW2wr17OJFwQ9VYeYtHkVPk_g1iXG7wCmeMzkB7n4S9tdfYVN8n-M3rJRmaOVQcNYthYo89bvlqZBCxPxe0YRNCX557wgE36ilOcn-s33Nm3F5jNQQ65ZRPKl8ymnzqwW2qBMfOxfGDpr4_BldnmZAnPb89Rf1ruw2Oata6nDzR1f-hN6o_g2pZIc1ziGG3VU_sBBFJBgqWSXVs9BtcJv0yw_kz6rUXZS7wEQehQy8gLTbRlqjNzszxHVFs8DhflvQWMH8cDkKhUeXFTSUH4FVNK8OrWAOAX-BKG_D9e8MmTz1Iwm5vWv7oeCVPFT-QzxvN9aytytk1gEKzEf3pbk6nxJnYESvXCJoaCogei4YsP4Te6x1jrEopwEsDgxnG_8YekcqdRO1HnmRmnS11h5EDrLtFub65czPZsJNeZtKiWBS8vw2spZ3JfHk4l4A6zbUvD2b0pVwnchHbRUTEWUncraDZW30Ar4RcevKbThlOwHe7faRVkK-5Qpez6nt-7-ZPKPXT8afb0P7dBU9qyVXZrIV3PglWeZiwTxZhMYhlB5SBYNLoqpImTfQR3wDrkklwpkayuA4rK1HcELuQvYSyVK5_6iHNx02m5C_oRE7zHDlPb2hdXfrFbnFErVsE_huBp4TsvusVPYmYKcb9cq9y-214RnExwLJEkHmS1SfdqATWURaVf8gB3Xg_4BnHskv9Pa-fAafK7t57-Jr_95XeCYspsrJ3pCeK7zrY91rwCIjqvAK0ZI-g1PI-_kHkhWvPam9cmlIPjUqV88RpGgd1t12IodkqMqUBbaNaNb_sAeV0kAQlU8swGfH3JWM1npoCzKko3pfizkxy-VZzRMycdAInYQEtyIkfTtHhEz7xBMDCb5A3DiW4kPypoiyzv_UVD_HH1wrxH0Z4MnWRlCM8u6jN88Bt-q6wVdo8MQxWiFQPlBoJF4LdsNeu177JyWurfzxyMuaM2komo-Fmk-G1pqB8o
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50f36dfa6fece434e88e474d214553f6dc1972a8b05f4cdcc3db65890644bd7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53147
x-xss-protection
0
server
cafe
etag
6967682741169739163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 04:46:46 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.semdinheiro.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.semdinheiro.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/ Frame 9248 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=pub-1863532356489327&plah=www.semdinheiro.com.br
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 06 Sep 2021 06:38:13 GMT
expires
Mon, 20 Sep 2021 06:38:13 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
79713
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 9248 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3ervte42Ye34M4HO7_UP4LO3kA6wvaDfZOrFmN-hDuiqtpWLAxABIJi10ANglQKgAanZ-JUDyAECqQKqt8Yvs-uzPqgDAcgDyQSqBOQBT9C1BualySDFzK_h5qiIv5haX6_iymxP5GRr88W-ndFbMHXJRLRdDh4HtE9GQ4TGWKAKkKM2DpYQM4DcIUylPMluRisMeIDJm10ZiXYZHwvLpXgk2UPwodCnqUDazshOV5Ktuj8QOvwq2eQzr3nRI8Jya1z7DeE5cR7iAGRhmp8ETM3-OBgmQym_RialPoh12mFn3DCZRME18Y2QajDFZ6hEq42_08xBm0GF9KvJ4l1zlHmQUBz2EtKUWr15QZArW7pm2z0vBEsefmaASXStdgiJ0Jk8t8pM4GBHBd52jzkHAtuhwASky-H5zAOSBQQIBBgBkgUECAUYBKAGAoAHv6aHaqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQ0IRN0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE4NjM1MzIzNTY0ODkzMjcYAA&sigh=_hsiQUX-1PA
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 07 Sep 2021 04:46:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 9248 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 04:26:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9248 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 04:36:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9248 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9248 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 03:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 03:43:40 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9248 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 03:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10845
x-xss-protection
0
server
cafe
etag
14737611871312058204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 03:40:48 GMT
9479488712761976943
tpc.googlesyndication.com/simgad/ Frame 9248 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9479488712761976943?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlC1fjPkDvTfgkGqjm_TPLlpTMjsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eecc32061bb50dc4ee7b9861db5cc784198d65c6b798ed3b4e393b6b692d5798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 23:02:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 14:05:49 GMT
server
sffe
age
20631
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7554
x-xss-protection
0
expires
Tue, 06 Sep 2022 23:02:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 532C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 07 Sep 2021 04:02:16 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3B1E 		247 B
807 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
37a317c7f29c9b687bb4a8df1b351714f6e1dd46f65bf335e68ef9aed42950c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-3CCxbX6960K6T3-s3A2fwQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
205
date
Tue, 07 Sep 2021 04:46:46 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 532C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkTlroH60I8d8b0NoCxrgjOi5XKZba7BmMAhfLS2lngC_dax4ynjd57Pydre-Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 07 Sep 2021 04:46:46 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 07-Sep-2021 05:46:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 07 Sep 2021 04:46:46 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 07 Sep 2021 04:46:46 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9248 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75cbe22db5f876e3a148bc521d3fe66468f8dbf4edb943c17da2ce21747b3a11

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108170213000/ Frame 5745 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
86302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55333
x-xss-protection
0
server
sffe
date
Mon, 06 Sep 2021 04:48:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"55ff93a1040e5c38"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 04:48:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5745 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
460010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4999
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b551ff8c0a78d7e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5745 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
460010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28538
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"523ca413d5eb4bb0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5745 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a213b67eebe575881cc62cd8800129e15d9ca92049b2e37832bf83d9fa2ed79e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
165294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16652
x-xss-protection
0
server
sffe
date
Sun, 05 Sep 2021 06:51:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b7d23c40180897d5"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 06:51:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5745 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
460010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a4d9605fb26cf0ce"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5745 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
87111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12821
x-xss-protection
0
server
sffe
date
Mon, 06 Sep 2021 04:34:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd81b3ba02634f28"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 04:34:55 GMT
truncated
/ Frame 5745 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f3f47ae8d1ec1b01d85be83a62ea8386a2136f153d8ef048922a3a883832737

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
BG-01.jpg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/BG-01.jpg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76e4ffff7a5aba26ad0e079bf40d373014354f10a188b249d9f68565a1c36ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 11:11:10 GMT
x-content-type-options
nosniff
age
63336
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25923
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 11:11:10 GMT
Logo-01.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/Logo-01.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fea1263b193ed6d4fa7a73f21ca4bd22ccafde631b5a67283e803d42d6c13d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 14:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1032
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 14:21:59 GMT
Book_S2.png
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/Book_S2.png
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4e2c62246285fe96599c8ee4b6a0299b5d235f8052f89be8847ca0881d08b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 15:11:07 GMT
x-content-type-options
nosniff
age
48939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53202
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 15:11:07 GMT
Blue_Botton.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/Blue_Botton.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89344e694dd6171ddc0306fa7da74126e4c07134f24dc667a8693f3ee053a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 14:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1264
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 14:35:12 GMT
T1-01-01.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		2 KB
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/T1-01-01.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed63e9f503e7399c37453aec708e33592825f45fb9b7ff9f3e3b61cc212f7a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 14:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 14:21:17 GMT
T1-02-01.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		1 KB
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/T1-02-01.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb595a034aae0e708414f2eb5581eeae6fda8f2ef6623ca6963f453689d4156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 07:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334260
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
597
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 07:55:46 GMT
Red_Botton.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/Red_Botton.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fa643b0a6558388fdc9c181ee28b171bb8f233c7566b51811ea21e2c6345532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 07:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1263
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:36:10 GMT
T2-01-01.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/T2-01-01.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ed355324a83393e0bd1a28583ade2864bb1062a9a2c2cc7821963aec420c0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1098
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 01:29:17 GMT
T2-02-01.svg
tpc.googlesyndication.com/sadbundle/17964242127399080331/ Frame 5745 		2 KB
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17964242127399080331/T2-02-01.svg
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbbb7987b6be3a749b1aba66bf151578e2c2f96873cb690caa531d238ef09c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
815
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 08:40:15 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 01:33:06 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5745 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Sep 2021 14:44:53 GMT
x-content-type-options
nosniff
server
cafe
age
50513
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Tue, 07 Sep 2021 14:44:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5745 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Sep 2021 19:50:12 GMT
x-content-type-options
nosniff
server
cafe
age
32194
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 07 Sep 2021 19:50:12 GMT
l
www.google.com/ads/measurement/ Frame 5745 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAgiQCSHGBddKL3clodeEAzIVsBH8ehP-V_TgW1xXzCl-oeocI8UFs7Ed2F2aHR9nUvzW2StiLwUctxDjd1wIyOQogDA
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5745 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqiu5te42Yen0Ovig7_UP_4OSqA7asMDwZLy5iujrDqCHgOyQAhABIJi10ANg0YG5gtAHoAGC76PeA8gBCakCxGJt59FwhT7gAgCoAwHIAwiqBIcCT9BZ4DlkQINbUMyN79GEWFs1ygl2K68KL7Q0DxW7n6qA622Klp33Xe8OKWOw8PE-x-ShQbutOhrUPd42kNX775fRudln1aoC8Nlxqvi9TMhaKNLREJgsKJwBQOuPPLwsf6u5G2z_PGV33dT4sZrGHJCcTerJ3ad4BTHXvKT395UvuKvDtNTQl9lJYOmiDQbMd9OYgTmjH-ZM56Po-oFtCaIQv8YtL7xtJjdoXvOFAdddgIiwEENBmC3v1pgCaTYZ0UFDzvIydpfAVgJeRkbF4PKjkQDdWrwo3uRQNpveSLMukXpmn9ZqpmtcrB46Fl_y8aRwbGO8uMMlWErCYbNcWOZ0yd5eqeXABOLEkPTKA-AEAaAGLoAH5pDcIagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ_LYj0ggJCIjhgBAQARgdgAoByAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTE4NjM1MzIzNTY0ODkzMjcYvJYH&sigh=JA00UxaUb-A&template_id=419
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
container.html
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E80C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.semdinheiro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.semdinheiro.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 07 Sep 2021 04:46:45 GMT
expires
Wed, 07 Sep 2022 04:46:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3B1E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
e0b11737994bb85724bbbd13f2fcc1495b59b320179704797a3f84a16cf29d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-tFr4aOaOvyNYzRo35goZgA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
1860
date
Tue, 07 Sep 2021 04:46:46 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 05F0 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkTlroH60I8d8b0NoCxrgjOi5XKZba7BmMAhfLS2lngC_dax4ynjd57Pydre-Y; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 07 Sep 2021 04:46:46 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 07 Sep 2021 04:46:46 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E80C 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFxamBXtMY0393_Ltu1IDg5zf_vVfItWzhngX2OpvHckyEC7bvy-Iz5_Fmiwb8fH9p3xqGqzqP7fNOvKTZDL3v8Q-8mVPESFnuvRiQaCDiDJn_P3CWtgJaywp3zkYvuuv6UD_-iwl5wwC8sR19PLQVEvuGwA&dbm_d=AKAmf-C1w7TcmPQFq6wykfCmQJevM6i-bT1TpvmBA0RaHGdi1XD4Y-HEsVsaEsNWC4_8vxfAw8VOrAb46csmbHQYgWzCPHNp0q9Cv6Np2Q6aAOOvhMdgvzIMuiz-dM6rfLMtbDx18a4_FhQ8-KwSsNdfUg8RQPEOJKetDRPJaYEVidEpFqRi2RXe8LY-7OdYaEb8kOf4ETUceH_-LxfvPRSwX4ZZq9ckHK0WqO4MX8gOSqUGSnF8MP1yUtdS9D7gYZgCiiwD2XgE1LXwONUOtgQq-jh9jiA3wmXh53z1Q-aZP5GFo2-njb4q1L9TtLzz1ROzeiA8f44xHKicmZ4jAGxe1njlbLk7JFwHSLmH_ragyS7EGImnGWPY3oK26RdByrRshDE6x5L370XzXCyxYPCZ29jbZwct1h7KIJNF2VjBQ4R71McydxgnvCY8WkjW-8fTSBrNu4Ri8TZ2Wm8k0lg2-_QiGbhSRvzE8LqcZ0WPwSafym2kYQMbLFlzn6rir2Fy0DS31D8vQ68mO3o9bVeti6iIJFNnQNfdaBZU58GKyFPAlUaJhp_tf3vC1Sq8gZd6O5szC-fwb1ylIlL-UvY3oWItbF38lFKPGuf1Y0YBoDYAwR26N2d97-Px1AiCxCojt6MzW2hlQISCs_uxFmYhEVJCPJlT1mSFWA80R9v3CdpNGlfwhv3V9BPGXDLJygUlnizVkxarzby7euFGFjWVn5ejYMMBipoZHHQtzjIMp_AGQ1lwKQDiliillO1A1PDgmerSof7IrOwPwpFc9Scwxk-Stb682u2QS8CwWDWyPTP3i-KjD1DKZrZGKHzDfN-qWKR2XzBza3-eHezDPFTBU3py7_FUW10fkzwzJJ2WCH2gtFWeQpYpKl3KWmaJlO-ziZWOIw0hLv0tHli0EX9cc2bXizVWRajMM_8zFFE6fn3d_cz_h08_TTNZT5JZkQn1agpEunZ7hgP6XTQp_XC6s_Cun44_WEVg96VLZkELbwu1-RoIaiLK6p3JBw3jKhCtJnigMbpR5kc4keVOQQsMQVj1F214hD0UO1bBtleUH-ioqEflfODGgfGUuugNpv6EH7ZgKAz_-ALR5dV4hlPBnO5Ti4BsI8i4wHMeSKydrkuaKSClHjgdYlYlS93Z4_ybdhkbKNPjbY5zFgjZYrMVflKOgqGIfF44yb4Yt4p__ALR3zu17DQHtakRJcM9JTeIpBEoSiAhShhGH5aTSvwUnankkUJoBNvU-cl3W0sMpSNffWr6dS-Pj-ky947Z6NJ167QGM92CDnXtyTdwX6Ur711IavRqSU5mOl9zit9jBwIdkzImcUFiht_enxYfF24dCmvClYHl5kwAu0ZBrbYeIfX3VF4A7W4wXTx3Qj5cu7tvwkHGnSrukpiAYP-kP4tSUNrVCVfbnCstgiZUH-uf-8yXz-ko2O9LYWAbUDTKUbh6Cj4P3ll2ccAtOSHB92jnmtpo9rzpIa77LDKpqz5zYnNSs9A7Djc3DzqjDhLtDKa-TLbLk_yDV99D2akI2ftCy8qvj8bjF6fov2lbT6-cKlik4AwY6Ub74QXh70YmCJp7mM1RQEVNolGjgas4i1tsdWSnMdQS7S_GXTHI_oA71YMQNZe4TsBWxmx_eeWSyTO4ZQQmQJJ5aBNreV7mFB5gvufSHm4qRwzGhMwzgFp9qXeceQ9XRG9RoaTQgPzJjgDdviimwLKKrDx2aacjFmjWCWg9vtxk_YyDkgJIbS-Zh_G7ov-qXqODYvk_r3Zhz3YscvVCOjgfImUjWSQ6pBB-KX1fbgfxioNOmwSfMCkeU3K1CbptX8XiD048Axzrye2f3e0MxHelTEP7NZQK3pDIULIfRctdMAx4vPQAkPGpzfljdEz92TGcw50ICOEOSgDnaINjcHeUgVxzwi39eS6_OtyAl81gfz9igoFP8FK5wBZ3zU21XYRVr5mMwHlBbv1CXMrO1ng4nObcJfel5xA2JrTAW8tMkxCNTPBYcu1HODLtuyeqqrbLTxqmydG17YCpV4ipKrlOPR4WfkAyuS1lPRu-x7S1AGTjfBRjoMZS_nt_ZWRq_x1qTfKmaKZGKEWDOy1Xg3iDM82gBHJZSOJLm4CNgYUBxg8gsnGbii6Csnu3R4nVNCZvhCtyyHAvjKSWo1Zle25x2WeWFqP2P6odGjn5r1deDm_-EEcrq_HxCFW1XQwErklIQUZRpedMxdDISCYYYyFn4P-RXL1RgUdaqGHWl4wNMNbd8r-6NGzvPgIwpDINELuRat4x7laAn2OMKmIpHxWB8u-YiSq1xdrun-pOJvdnrc47Kpw0ckGHW4JlcHYvuZaFJLEzYZoswy8HcH_cfKA1omXGJJhy2jjX9d1n7SsoFT8fN9cPtGr6SPGphbaayZE50Da7zG4iEj7nyrmrcnee7KURc8SCMF4tH1Vu1Dpl-cqLY7vfrYyddrWPtWGdtEglGwh0VLkMQTQNNqmwmg9-s6lx68yHnq-mAmWQ542US-VZ00JycMTEtvKPdKCX3Xswzf4q1UDJ41evrF_I0LI8aAL6gpieEoWVup-isNeQrXJyIX__mOgMrNs1pLDShRYpmIlzM34V52XWPwKpuakOnydcO2vy1B4ZeJbFbG2Peu8kWPG3DQ0kf-HNQBkLA1gtXUYXLCZmMbGkKd23FUrVJQ_ooguTxsmDqkXuTHW4PL-bJ5LZSjroUe5mB_MlgjPl_fCmAFqUzsqsj4g5L8PnirsM7qp_WCAL7y6Kn3itrDQZbVzW25WRFzUfpcBx-o1_bS0mI7gBK1HX-U2_eKoC-EQOe9Yf3GtXavYXNZB9fSYcycyQE5MpV7RT7lvdAuac3HvB2KiKRsqw2Ay5lVRVZF5LMyObc7QZaVxgip3HkwNCWwYey3qCCdD3fkUdG7b93wNedBDhSG_sR2pe5qpcgT-DRKeoa07JRwtJOunkMNrz4jZiIiptga_-oTCVdYcbdE2W3Nx8568RA7jABD0LLspfeR-NJs_8Iik-3dJIEAVA4O6TDSmwVTxe2eIrEf6i2eY3pzj457ZvIp65JdFto9fAVPyR2Colsm-P3gmEsc1o6SRlVpYVhQcvCgurr9iasPxvnsffjcDtcX7oqK0uyp5b9yUnzdqx1HUX76hj_mZkNvcXYK2qROo-Ybxfbcf2Ppihm_resQxQWOpmoeBiQoVqaoqE34V7PS_2vzMIqcdtQpYFxqZjs9M--9PCWXGwmmzl1_O0ifRn8NxjWB12giur9pXFJ0SZGHBdcIx9&cid=CAASFeRo7D_XMHHlg6gV65RobInwQyOx6w&rfl=1%2Chttps%253A%252F%252Fwww.semdinheiro.com.br%252F%240
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ce4f7878eef46d87e204217f8661b2a68814b5bffbd862fdfe2f47ae3e20df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28977
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E80C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQIE7vmmuq6mo5y1JK5ZF8tLci8SmpkXVO0A3-D57wt_XEszkf1A1tSsCzv9ox0v9ZzFTMSu42OU0rbbtJqM2VCobZvJvzMBCQZ0JYfU9yD8obNb0
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame E80C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 04:36:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E80C 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496346997469"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 07 Sep 2021 04:46:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame E80C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 03:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 03:43:40 GMT
l
www.google.com/ads/measurement/ Frame E80C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3VrSftp6KsIQBUa9--MC3O57KrMX7DjUz7kkDZPYMJZqyD1g_siVLAwqlCR2Z9JKWSaaDcrM3ySg275sr55loL489YA
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5745 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Sep 2021 14:44:53 GMT
x-content-type-options
nosniff
server
cafe
age
50513
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Tue, 07 Sep 2021 14:44:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5745 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Sep 2021 19:50:12 GMT
x-content-type-options
nosniff
server
cafe
age
32194
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 07 Sep 2021 19:50:12 GMT
rum
dsum-sec.casalemedia.com/ Frame 05F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Sep 2021 04:46:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 07 Sep 2021 04:46:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 05F0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTbutoVi.kZ5oNod6pEy-QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1&google_hm=2&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Sep 2021 04:46:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 07 Sep 2021 04:46:47 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Sep 2021 04:46:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnQZX9zXQCaURfjrzD47bs&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Tue, 07 Sep 2021 04:46:47 GMT
setuid
ib.adnxs.com/ Frame 05F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDiTKrnjgo_kLlsRzaig31U&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDiTKrnjgo_kLlsRzaig31U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Sep 2021 04:46:46 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d1fb0274-8171-47e2-bbe9-d03763b524e4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDiTKrnjgo_kLlsRzaig31U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05F0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MTE0Njk0MDk3MTQ2MTQ1MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MTE0Njk0MDk3MTQ2MTQ1MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIYqt--ogEwAQ&v=APEucNWqXkB7e3dgtryhz7Sw8Q7JE4LXAOO1nXG6eFHJPaXir09A9Mqo-ONbesXlut83jfoo3AwLVjOcmuK6ozjL7wMLBueJnreul6owMnJFxnoEiFrCkhcDPKEkYM5lRBO0FtIeulb5Dz5TdKPDk02PdXJZK-AtLItFpLEqV0bQAhKHqG9-fas
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Sep 2021 04:46:46 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9857bded-a5e1-4e89-93a1-485b821732c3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MTE0Njk0MDk3MTQ2MTQ1MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame E80C 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 16:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Sep 2021 16:12:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame E80C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFxamBXtMY0393_Ltu1IDg5zf_vVfItWzhngX2OpvHckyEC7bvy-Iz5_Fmiwb8fH9p3xqGqzqP7fNOvKTZDL3v8Q-8mVPESFnuvRiQaCDiDJn_P3CWtgJaywp3zkYvuuv6UD_-iwl5wwC8sR19PLQVEvuGwA&dbm_d=AKAmf-C1w7TcmPQFq6wykfCmQJevM6i-bT1TpvmBA0RaHGdi1XD4Y-HEsVsaEsNWC4_8vxfAw8VOrAb46csmbHQYgWzCPHNp0q9Cv6Np2Q6aAOOvhMdgvzIMuiz-dM6rfLMtbDx18a4_FhQ8-KwSsNdfUg8RQPEOJKetDRPJaYEVidEpFqRi2RXe8LY-7OdYaEb8kOf4ETUceH_-LxfvPRSwX4ZZq9ckHK0WqO4MX8gOSqUGSnF8MP1yUtdS9D7gYZgCiiwD2XgE1LXwONUOtgQq-jh9jiA3wmXh53z1Q-aZP5GFo2-njb4q1L9TtLzz1ROzeiA8f44xHKicmZ4jAGxe1njlbLk7JFwHSLmH_ragyS7EGImnGWPY3oK26RdByrRshDE6x5L370XzXCyxYPCZ29jbZwct1h7KIJNF2VjBQ4R71McydxgnvCY8WkjW-8fTSBrNu4Ri8TZ2Wm8k0lg2-_QiGbhSRvzE8LqcZ0WPwSafym2kYQMbLFlzn6rir2Fy0DS31D8vQ68mO3o9bVeti6iIJFNnQNfdaBZU58GKyFPAlUaJhp_tf3vC1Sq8gZd6O5szC-fwb1ylIlL-UvY3oWItbF38lFKPGuf1Y0YBoDYAwR26N2d97-Px1AiCxCojt6MzW2hlQISCs_uxFmYhEVJCPJlT1mSFWA80R9v3CdpNGlfwhv3V9BPGXDLJygUlnizVkxarzby7euFGFjWVn5ejYMMBipoZHHQtzjIMp_AGQ1lwKQDiliillO1A1PDgmerSof7IrOwPwpFc9Scwxk-Stb682u2QS8CwWDWyPTP3i-KjD1DKZrZGKHzDfN-qWKR2XzBza3-eHezDPFTBU3py7_FUW10fkzwzJJ2WCH2gtFWeQpYpKl3KWmaJlO-ziZWOIw0hLv0tHli0EX9cc2bXizVWRajMM_8zFFE6fn3d_cz_h08_TTNZT5JZkQn1agpEunZ7hgP6XTQp_XC6s_Cun44_WEVg96VLZkELbwu1-RoIaiLK6p3JBw3jKhCtJnigMbpR5kc4keVOQQsMQVj1F214hD0UO1bBtleUH-ioqEflfODGgfGUuugNpv6EH7ZgKAz_-ALR5dV4hlPBnO5Ti4BsI8i4wHMeSKydrkuaKSClHjgdYlYlS93Z4_ybdhkbKNPjbY5zFgjZYrMVflKOgqGIfF44yb4Yt4p__ALR3zu17DQHtakRJcM9JTeIpBEoSiAhShhGH5aTSvwUnankkUJoBNvU-cl3W0sMpSNffWr6dS-Pj-ky947Z6NJ167QGM92CDnXtyTdwX6Ur711IavRqSU5mOl9zit9jBwIdkzImcUFiht_enxYfF24dCmvClYHl5kwAu0ZBrbYeIfX3VF4A7W4wXTx3Qj5cu7tvwkHGnSrukpiAYP-kP4tSUNrVCVfbnCstgiZUH-uf-8yXz-ko2O9LYWAbUDTKUbh6Cj4P3ll2ccAtOSHB92jnmtpo9rzpIa77LDKpqz5zYnNSs9A7Djc3DzqjDhLtDKa-TLbLk_yDV99D2akI2ftCy8qvj8bjF6fov2lbT6-cKlik4AwY6Ub74QXh70YmCJp7mM1RQEVNolGjgas4i1tsdWSnMdQS7S_GXTHI_oA71YMQNZe4TsBWxmx_eeWSyTO4ZQQmQJJ5aBNreV7mFB5gvufSHm4qRwzGhMwzgFp9qXeceQ9XRG9RoaTQgPzJjgDdviimwLKKrDx2aacjFmjWCWg9vtxk_YyDkgJIbS-Zh_G7ov-qXqODYvk_r3Zhz3YscvVCOjgfImUjWSQ6pBB-KX1fbgfxioNOmwSfMCkeU3K1CbptX8XiD048Axzrye2f3e0MxHelTEP7NZQK3pDIULIfRctdMAx4vPQAkPGpzfljdEz92TGcw50ICOEOSgDnaINjcHeUgVxzwi39eS6_OtyAl81gfz9igoFP8FK5wBZ3zU21XYRVr5mMwHlBbv1CXMrO1ng4nObcJfel5xA2JrTAW8tMkxCNTPBYcu1HODLtuyeqqrbLTxqmydG17YCpV4ipKrlOPR4WfkAyuS1lPRu-x7S1AGTjfBRjoMZS_nt_ZWRq_x1qTfKmaKZGKEWDOy1Xg3iDM82gBHJZSOJLm4CNgYUBxg8gsnGbii6Csnu3R4nVNCZvhCtyyHAvjKSWo1Zle25x2WeWFqP2P6odGjn5r1deDm_-EEcrq_HxCFW1XQwErklIQUZRpedMxdDISCYYYyFn4P-RXL1RgUdaqGHWl4wNMNbd8r-6NGzvPgIwpDINELuRat4x7laAn2OMKmIpHxWB8u-YiSq1xdrun-pOJvdnrc47Kpw0ckGHW4JlcHYvuZaFJLEzYZoswy8HcH_cfKA1omXGJJhy2jjX9d1n7SsoFT8fN9cPtGr6SPGphbaayZE50Da7zG4iEj7nyrmrcnee7KURc8SCMF4tH1Vu1Dpl-cqLY7vfrYyddrWPtWGdtEglGwh0VLkMQTQNNqmwmg9-s6lx68yHnq-mAmWQ542US-VZ00JycMTEtvKPdKCX3Xswzf4q1UDJ41evrF_I0LI8aAL6gpieEoWVup-isNeQrXJyIX__mOgMrNs1pLDShRYpmIlzM34V52XWPwKpuakOnydcO2vy1B4ZeJbFbG2Peu8kWPG3DQ0kf-HNQBkLA1gtXUYXLCZmMbGkKd23FUrVJQ_ooguTxsmDqkXuTHW4PL-bJ5LZSjroUe5mB_MlgjPl_fCmAFqUzsqsj4g5L8PnirsM7qp_WCAL7y6Kn3itrDQZbVzW25WRFzUfpcBx-o1_bS0mI7gBK1HX-U2_eKoC-EQOe9Yf3GtXavYXNZB9fSYcycyQE5MpV7RT7lvdAuac3HvB2KiKRsqw2Ay5lVRVZF5LMyObc7QZaVxgip3HkwNCWwYey3qCCdD3fkUdG7b93wNedBDhSG_sR2pe5qpcgT-DRKeoa07JRwtJOunkMNrz4jZiIiptga_-oTCVdYcbdE2W3Nx8568RA7jABD0LLspfeR-NJs_8Iik-3dJIEAVA4O6TDSmwVTxe2eIrEf6i2eY3pzj457ZvIp65JdFto9fAVPyR2Colsm-P3gmEsc1o6SRlVpYVhQcvCgurr9iasPxvnsffjcDtcX7oqK0uyp5b9yUnzdqx1HUX76hj_mZkNvcXYK2qROo-Ybxfbcf2Ppihm_resQxQWOpmoeBiQoVqaoqE34V7PS_2vzMIqcdtQpYFxqZjs9M--9PCWXGwmmzl1_O0ifRn8NxjWB12giur9pXFJ0SZGHBdcIx9&cid=CAASFeRo7D_XMHHlg6gV65RobInwQyOx6w&rfl=1%2Chttps%253A%252F%252Fwww.semdinheiro.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 04:31:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame E80C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFxamBXtMY0393_Ltu1IDg5zf_vVfItWzhngX2OpvHckyEC7bvy-Iz5_Fmiwb8fH9p3xqGqzqP7fNOvKTZDL3v8Q-8mVPESFnuvRiQaCDiDJn_P3CWtgJaywp3zkYvuuv6UD_-iwl5wwC8sR19PLQVEvuGwA&dbm_d=AKAmf-C1w7TcmPQFq6wykfCmQJevM6i-bT1TpvmBA0RaHGdi1XD4Y-HEsVsaEsNWC4_8vxfAw8VOrAb46csmbHQYgWzCPHNp0q9Cv6Np2Q6aAOOvhMdgvzIMuiz-dM6rfLMtbDx18a4_FhQ8-KwSsNdfUg8RQPEOJKetDRPJaYEVidEpFqRi2RXe8LY-7OdYaEb8kOf4ETUceH_-LxfvPRSwX4ZZq9ckHK0WqO4MX8gOSqUGSnF8MP1yUtdS9D7gYZgCiiwD2XgE1LXwONUOtgQq-jh9jiA3wmXh53z1Q-aZP5GFo2-njb4q1L9TtLzz1ROzeiA8f44xHKicmZ4jAGxe1njlbLk7JFwHSLmH_ragyS7EGImnGWPY3oK26RdByrRshDE6x5L370XzXCyxYPCZ29jbZwct1h7KIJNF2VjBQ4R71McydxgnvCY8WkjW-8fTSBrNu4Ri8TZ2Wm8k0lg2-_QiGbhSRvzE8LqcZ0WPwSafym2kYQMbLFlzn6rir2Fy0DS31D8vQ68mO3o9bVeti6iIJFNnQNfdaBZU58GKyFPAlUaJhp_tf3vC1Sq8gZd6O5szC-fwb1ylIlL-UvY3oWItbF38lFKPGuf1Y0YBoDYAwR26N2d97-Px1AiCxCojt6MzW2hlQISCs_uxFmYhEVJCPJlT1mSFWA80R9v3CdpNGlfwhv3V9BPGXDLJygUlnizVkxarzby7euFGFjWVn5ejYMMBipoZHHQtzjIMp_AGQ1lwKQDiliillO1A1PDgmerSof7IrOwPwpFc9Scwxk-Stb682u2QS8CwWDWyPTP3i-KjD1DKZrZGKHzDfN-qWKR2XzBza3-eHezDPFTBU3py7_FUW10fkzwzJJ2WCH2gtFWeQpYpKl3KWmaJlO-ziZWOIw0hLv0tHli0EX9cc2bXizVWRajMM_8zFFE6fn3d_cz_h08_TTNZT5JZkQn1agpEunZ7hgP6XTQp_XC6s_Cun44_WEVg96VLZkELbwu1-RoIaiLK6p3JBw3jKhCtJnigMbpR5kc4keVOQQsMQVj1F214hD0UO1bBtleUH-ioqEflfODGgfGUuugNpv6EH7ZgKAz_-ALR5dV4hlPBnO5Ti4BsI8i4wHMeSKydrkuaKSClHjgdYlYlS93Z4_ybdhkbKNPjbY5zFgjZYrMVflKOgqGIfF44yb4Yt4p__ALR3zu17DQHtakRJcM9JTeIpBEoSiAhShhGH5aTSvwUnankkUJoBNvU-cl3W0sMpSNffWr6dS-Pj-ky947Z6NJ167QGM92CDnXtyTdwX6Ur711IavRqSU5mOl9zit9jBwIdkzImcUFiht_enxYfF24dCmvClYHl5kwAu0ZBrbYeIfX3VF4A7W4wXTx3Qj5cu7tvwkHGnSrukpiAYP-kP4tSUNrVCVfbnCstgiZUH-uf-8yXz-ko2O9LYWAbUDTKUbh6Cj4P3ll2ccAtOSHB92jnmtpo9rzpIa77LDKpqz5zYnNSs9A7Djc3DzqjDhLtDKa-TLbLk_yDV99D2akI2ftCy8qvj8bjF6fov2lbT6-cKlik4AwY6Ub74QXh70YmCJp7mM1RQEVNolGjgas4i1tsdWSnMdQS7S_GXTHI_oA71YMQNZe4TsBWxmx_eeWSyTO4ZQQmQJJ5aBNreV7mFB5gvufSHm4qRwzGhMwzgFp9qXeceQ9XRG9RoaTQgPzJjgDdviimwLKKrDx2aacjFmjWCWg9vtxk_YyDkgJIbS-Zh_G7ov-qXqODYvk_r3Zhz3YscvVCOjgfImUjWSQ6pBB-KX1fbgfxioNOmwSfMCkeU3K1CbptX8XiD048Axzrye2f3e0MxHelTEP7NZQK3pDIULIfRctdMAx4vPQAkPGpzfljdEz92TGcw50ICOEOSgDnaINjcHeUgVxzwi39eS6_OtyAl81gfz9igoFP8FK5wBZ3zU21XYRVr5mMwHlBbv1CXMrO1ng4nObcJfel5xA2JrTAW8tMkxCNTPBYcu1HODLtuyeqqrbLTxqmydG17YCpV4ipKrlOPR4WfkAyuS1lPRu-x7S1AGTjfBRjoMZS_nt_ZWRq_x1qTfKmaKZGKEWDOy1Xg3iDM82gBHJZSOJLm4CNgYUBxg8gsnGbii6Csnu3R4nVNCZvhCtyyHAvjKSWo1Zle25x2WeWFqP2P6odGjn5r1deDm_-EEcrq_HxCFW1XQwErklIQUZRpedMxdDISCYYYyFn4P-RXL1RgUdaqGHWl4wNMNbd8r-6NGzvPgIwpDINELuRat4x7laAn2OMKmIpHxWB8u-YiSq1xdrun-pOJvdnrc47Kpw0ckGHW4JlcHYvuZaFJLEzYZoswy8HcH_cfKA1omXGJJhy2jjX9d1n7SsoFT8fN9cPtGr6SPGphbaayZE50Da7zG4iEj7nyrmrcnee7KURc8SCMF4tH1Vu1Dpl-cqLY7vfrYyddrWPtWGdtEglGwh0VLkMQTQNNqmwmg9-s6lx68yHnq-mAmWQ542US-VZ00JycMTEtvKPdKCX3Xswzf4q1UDJ41evrF_I0LI8aAL6gpieEoWVup-isNeQrXJyIX__mOgMrNs1pLDShRYpmIlzM34V52XWPwKpuakOnydcO2vy1B4ZeJbFbG2Peu8kWPG3DQ0kf-HNQBkLA1gtXUYXLCZmMbGkKd23FUrVJQ_ooguTxsmDqkXuTHW4PL-bJ5LZSjroUe5mB_MlgjPl_fCmAFqUzsqsj4g5L8PnirsM7qp_WCAL7y6Kn3itrDQZbVzW25WRFzUfpcBx-o1_bS0mI7gBK1HX-U2_eKoC-EQOe9Yf3GtXavYXNZB9fSYcycyQE5MpV7RT7lvdAuac3HvB2KiKRsqw2Ay5lVRVZF5LMyObc7QZaVxgip3HkwNCWwYey3qCCdD3fkUdG7b93wNedBDhSG_sR2pe5qpcgT-DRKeoa07JRwtJOunkMNrz4jZiIiptga_-oTCVdYcbdE2W3Nx8568RA7jABD0LLspfeR-NJs_8Iik-3dJIEAVA4O6TDSmwVTxe2eIrEf6i2eY3pzj457ZvIp65JdFto9fAVPyR2Colsm-P3gmEsc1o6SRlVpYVhQcvCgurr9iasPxvnsffjcDtcX7oqK0uyp5b9yUnzdqx1HUX76hj_mZkNvcXYK2qROo-Ybxfbcf2Ppihm_resQxQWOpmoeBiQoVqaoqE34V7PS_2vzMIqcdtQpYFxqZjs9M--9PCWXGwmmzl1_O0ifRn8NxjWB12giur9pXFJ0SZGHBdcIx9&cid=CAASFeRo7D_XMHHlg6gV65RobInwQyOx6w&rfl=1%2Chttps%253A%252F%252Fwww.semdinheiro.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 04:29:12 GMT
Mercedes_C_Class_300x250_V1.html
s0.2mdn.net/10160029/1626153496107/ Frame 7045 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71bed259a5c134d82bc77a990c61e0b625b60504cc73e6ea7853ab552ef70aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2497
date
Mon, 06 Sep 2021 22:07:20 GMT
expires
Tue, 07 Sep 2021 22:07:20 GMT
last-modified
Tue, 13 Jul 2021 05:18:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
23966
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame E80C 		0
333 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKst-cZt-JNoDXFlHFT3AoX3n0WdEMMLKteLNjQRaCF7m0-v2C8tjP9rnrvJQEfD-LXUlbP_nRWNw10OQe4eWY3ETIp4DE52RMtl2k9EbzFRG6XOeHkxHcrnTvn0hgsSBPfJsEPSa_qfmVoxrsQO0IUl53v7zwIp-N8f72siuImdETbklt4R5oq-x4QrYSuth7Mbj6BtNkSWWbz0rxiTy2ADY_hsH35EL9juuQ4uHhv1SZkT6_z4Q0MMfuRy0G6bPosOotegNWTCg-F1UhbN-f39xEO-vnM6XOPbTXBq6bFKQ58l4UF1XorCatod49EdTA8YoZagDNGVaWPcO6boO7FOhbDWtXYbGoyCn1CVDi5CqNIraERPbxsONVZobWcGC3b5XiH7ItN03d9qxwuGVh2RTuEgIZy_-xOPl-b_jTiF8WgRzw9kozeIEl_zHfrn0XrE-IxaYaQDHWemBlu8IQmmt4EFRuHu8vtBlcLw1GWyk2AEBMGTckEbl5VljvrksiAsifXoasj6v7Ao-y3b8BliNmIXRx0vYHACzo-Ap0P52pUeg-8rM5HO0Vcu4zvIkj29z0UaNnjuogRK-n51pSSPjvzM1-5r5sV8oZo7vg4DlPUT_9K4felwM1pBeXYYlTV9y9lAxLIjsAn0LphLMjOlAyJoh_4Y452aV2oLHZEnCH2TCAUlTsmXoFpze2N8kZXfZn8XifKFvQti92wfB6lPeL9-mzk_0oYJEv6TAzkjRz_GtPAbVfk-_-VjGjbghSmRImEjSe0LwRgxD3grjY7I11fRQK0gvU0ga2A3oCXYHTkfw7q50uAMPyPQmXavjFSH1WgM9X43-trZeBPihIV5VQFZP2O7lJhbRWXe1aZl322w0HSwfPFcPA-_R_j84i7BuCOYubK1xuIigVdm-s9DNy8ml_QiyGTHA7TtbpEVVFpCL5W_zxSPJ_XqgwbRJeZFogELDG_or6lMd-7C_W6Xx6VNzMYfSehAjb2FuhWH3I9ABr6C4Dpce6ZwJNh7-Sj_WaAkCtesqzAGKtjaahVrGE8vqp_1LRj6o7mhWTthvWfckSss5CEtVQvvw9GbkwwPj2VMABR1fSmsMHHr4zt8eB1vlj9XipyxVKSUjcsgSFMSIBphGw-7bpZDAIv9yZM8-Li6uNI_YOeRqWZVEV-tIVrzWkOHRw5fl-AvTVHrVobU0&sai=AMfl-YQDRs36Cm1A9mkeSAJXgD__OmqYz8YnPwNXeQ97lpKWvcZuiWXixDJ6lv1Dq230bP1uMjChMA8nWcC_RNjFYJ4tqM9gn4Q6QapBfM1PHpAd9MPKvWrU3x-7XeqnmvQu_RMfeqJJn8UuCJANjXnxvaOifvVlc5aCPb5AKwY&sig=Cg0ArKJSzI3i0tsQr5qIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=106&cisv=r20210831.53849&adurl=
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 07 Sep 2021 04:46:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad_impression.gif
beacon.krxd.net/ Frame E80C 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=u0zbj4cak&_knopii=1&campaignid=25571035&advertiserid=10160029&placementid=299567081&adid=492764826&creativeid=154283578&siteid=6333601
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1630990006
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n002-dub-prod.krxd.net
x-no-pii
1
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E80C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 10:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 10:19:53 GMT
truncated
/ Frame E80C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4ebda81225658f0c044005f6a8c01245ed52947c7c37a8d426af9abff126e0a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 695C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 05 Sep 2021 10:19:55 GMT
expires
Mon, 05 Sep 2022 10:19:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
pagead2.googlesyndication.com/bg/ Frame 381C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:18:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13264
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 01:18:16 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7045 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Sep 2021 04:46:46 GMT
Mercedes_C_Class_300x250_V1.js
s0.2mdn.net/10160029/1626153496107/ Frame 7045 		233 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ddf1dcd26899a93869ea0f82ff3b9ac87db0592de5b21d430183b732bd2733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 22:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33169
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 05:18:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 07 Sep 2021 22:02:15 GMT
img_1_300x600.jpg
s0.2mdn.net/10160029/1626153496107/images/ Frame 7045 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1626153496107/images/img_1_300x600.jpg
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4758605b7e8246a3a082bd5fe596e4748246977eadea9b28a3bf0be1adaa8300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 22:01:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 05:18:16 GMT
server
sffe
age
24314
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37015
x-xss-protection
0
expires
Tue, 07 Sep 2021 22:01:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E80C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKst-cZt-JNoDXFlHFT3AoX3n0WdEMMLKteLNjQRaCF7m0-v2C8tjP9rnrvJQEfD-LXUlbP_nRWNw10OQe4eWY3ETIp4DE52RMtl2k9EbzFRG6XOeHkxHcrnTvn0hgsSBPfJsEPSa_qfmVoxrsQO0IUl53v7zwIp-N8f72siuImdETbklt4R5oq-x4QrYSuth7Mbj6BtNkSWWbz0rxiTy2ADY_hsH35EL9juuQ4uHhv1SZkT6_z4Q0MMfuRy0G6bPosOotegNWTCg-F1UhbN-f39xEO-vnM6XOPbTXBq6bFKQ58l4UF1XorCatod49EdTA8YoZagDNGVaWPcO6boO7FOhbDWtXYbGoyCn1CVDi5CqNIraERPbxsONVZobWcGC3b5XiH7ItN03d9qxwuGVh2RTuEgIZy_-xOPl-b_jTiF8WgRzw9kozeIEl_zHfrn0XrE-IxaYaQDHWemBlu8IQmmt4EFRuHu8vtBlcLw1GWyk2AEBMGTckEbl5VljvrksiAsifXoasj6v7Ao-y3b8BliNmIXRx0vYHACzo-Ap0P52pUeg-8rM5HO0Vcu4zvIkj29z0UaNnjuogRK-n51pSSPjvzM1-5r5sV8oZo7vg4DlPUT_9K4felwM1pBeXYYlTV9y9lAxLIjsAn0LphLMjOlAyJoh_4Y452aV2oLHZEnCH2TCAUlTsmXoFpze2N8kZXfZn8XifKFvQti92wfB6lPeL9-mzk_0oYJEv6TAzkjRz_GtPAbVfk-_-VjGjbghSmRImEjSe0LwRgxD3grjY7I11fRQK0gvU0ga2A3oCXYHTkfw7q50uAMPyPQmXavjFSH1WgM9X43-trZeBPihIV5VQFZP2O7lJhbRWXe1aZl322w0HSwfPFcPA-_R_j84i7BuCOYubK1xuIigVdm-s9DNy8ml_QiyGTHA7TtbpEVVFpCL5W_zxSPJ_XqgwbRJeZFogELDG_or6lMd-7C_W6Xx6VNzMYfSehAjb2FuhWH3I9ABr6C4Dpce6ZwJNh7-Sj_WaAkCtesqzAGKtjaahVrGE8vqp_1LRj6o7mhWTthvWfckSss5CEtVQvvw9GbkwwPj2VMABR1fSmsMHHr4zt8eB1vlj9XipyxVKSUjcsgSFMSIBphGw-7bpZDAIv9yZM8-Li6uNI_YOeRqWZVEV-tIVrzWkOHRw5fl-AvTVHrVobU0&sai=AMfl-YQDRs36Cm1A9mkeSAJXgD__OmqYz8YnPwNXeQ97lpKWvcZuiWXixDJ6lv1Dq230bP1uMjChMA8nWcC_RNjFYJ4tqM9gn4Q6QapBfM1PHpAd9MPKvWrU3x-7XeqnmvQu_RMfeqJJn8UuCJANjXnxvaOifvVlc5aCPb5AKwY&sig=Cg0ArKJSzI3i0tsQr5qIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=295&vt=11&dtpt=186&dett=3&cstd=106&cisv=r20210831.53849&adurl=
Requested by
Host: www.semdinheiro.com.br
URL: https://www.semdinheiro.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 04:46:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img_2_300x600.jpg
s0.2mdn.net/10160029/1626153496107/images/ Frame 7045 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1626153496107/images/img_2_300x600.jpg
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c3b88fa54ad6fc2f560c7ab544817fb893af1d3834b8f967e7cb36d29f0ec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:39:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 05:18:16 GMT
server
sffe
age
422
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36053
x-xss-protection
0
expires
Wed, 08 Sep 2021 04:39:45 GMT
4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
pagead2.googlesyndication.com/bg/ Frame 695C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:18:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13264
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 01:18:16 GMT
img_3_300x600.jpg
s0.2mdn.net/10160029/1626153496107/images/ Frame 7045 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1626153496107/images/img_3_300x600.jpg
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6f1a3dc3de1842403be71171bb68558b6d162df76e919ca44822853e6c38951
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 06:53:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 05:18:16 GMT
server
sffe
age
78826
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35230
x-xss-protection
0
expires
Tue, 07 Sep 2021 06:53:01 GMT
MB_Icon.png
s0.2mdn.net/10160029/1626153496107/images/ Frame 7045 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1626153496107/images/MB_Icon.png
Requested by
Host: b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
URL: https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3daf558c21ccdc448007ab7e08b3e10159aac6e5055ac13567742197d1cbd0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1626153496107/Mercedes_C_Class_300x250_V1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 22:07:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 05:18:16 GMT
server
sffe
age
23967
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2765
x-xss-protection
0
expires
Tue, 07 Sep 2021 22:07:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 695C 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfGFHtu42YaSuKtH43gPCpZ64BgAAAAA4AeAEAg&bg=!bG-lbyvNAAYJpm41CaY7ACkAdvg8WtbVacuafzPzYp6KTH7lWXi9WEAJXme67ZpGLm_36rhxdUjn2AIAAAESUgAAACBoAQcKAMxOfNpURfmf8sgVVZlk4JcBuHXNEuKPLvVZHTgM6n3CmSE6Rx743wIpUjUwMhXY10lqXKPD4eSztyRCH_VpF9RJJJ04z4W-meL8Dz9_9spq6Tu1TbyHJl8PtCOepBNEdVeD3mfMd2Blpq8_8ahJ5jPGJAs6stsM2Ls4ctgzcCt9RywieDlCNoJKhTIpkjKfvRi3j5vdjR48MR31auXoO5bhBnArAietPZ85NSKIsLk9mFhpfPLq7-MkKT7YJqRqakCF2ycQYUZcQq0GR8GZAsodbtyHsrKEWt_HvIvOUNRfNKEXkIsD4NaVWa_aqgLKZmNuQsB4-l1_pk6OhtMqKxovPJ-RSDCEPpAEiP-tocZtNSyeuA5-oFVTcYjp-sRipMlTgDBUsRslYuH0KUE_NZ07VHdgIExOr9t3Xrj2T7xQ6cHGdknnSSTaWxPTGHmTzv1S2PH2UAnN9uznXXpd69rJVKzIJLy4aEYDySMDVbF2-vjK7XraMK4mmOYFzLBT7RMfdzxeDPVtbyBjhA5KAO9R3OsfrStwF3v-EAMyQ1tNQ8Gp-85q4ULCG5LYdr6yPPINMeS64xNoDCQ9wERf8G_16QplBsu17fwMXOVDdxpueQPgg2-epeDFd-R1IVRgpZBOZWupW7ub5IOUhdVWLjsSMIFJK_kA2FowItbwbzJq6omyMl2r2zCi5qPKJldfPDB2MYrr7CpJsOIP_wgaSr5jcRZNg5WqT92Ec6nrMweJlurnEoUnhBn1z8JMyRMc9vc9K-HnHU1LPOx2HkOB3Xv-RxjzzWbx6ocZUsOsSXzTrtYS4k6KrB4xnXricVGWNFIIvX2HR4qBIKVhLCNFKll-TE6M-N3S19CwWQm6NMRFxjzw32CZNbFmdBHmdA8BJo02FWGed7JZDOUdD-dgBINZivrEnjpoUfZSRrT-4ctW0xLDTU22YXXpB7XLOJi6_ZIZXjx8sjUEFvuewqk1aFGcPxVKQm3K7ZpMpaoqPO2w8B8y3eqGDdmXEmdN6uW2BFF9vNNELSoQtkJNGRgTf39WEwWT92z2sUt1YDMuRHmQ40wR4FW_Ar13FYizZ3YNgZghbOT9dJG3JeQ-8I4OzpVEvQHUrtFcm2cLonKt3wYVYER9e-rigzi9NUD-xUTvSKaOLRquWd_IUhW0Mv2oQE9AfloyAIL1MgMbEDz5Zf9ZcEPiJDJJILO-1SHNSMCNqdecC1-PsyinTZY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9248 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdYJWN8COrD_aHTxSwaV7czqd-ebwXkjhTDjEer2Rn2n0J9iBCfAgeQtb_26EmPxdOgcqML6sb_PN-lQElPD5VxwYwabrLzv8musP2jmH3sgfTKrcLq2HCty6QmQ&sai=AMfl-YQK5bpRLc5TCFBxzaTbvMMXf-tR566jzY0ihnKZUdCjzUNWx26N-k2HlleHKgTJ1hE41NOuAIVljr2t&sig=Cg0ArKJSzL-yM4Sw-OVlEAE&id=lidar2&mcvt=1000&p=1106,298,1230,1303&mtos=93,770,1000,1082,1264&tos=93,677,230,82,182&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630990006292&rpt=110&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5745 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHu9Mte42Yen0Ovig7_UP_4OSqA7asMDwZLy5iujrDqCHgOyQAhABIJi10ANg0YG5gtAHoAGC76PeA8gBCakCxGJt59FwhT7gAgCoAwGqBIcCT9BZ4DlkQINbUMyN79GEWFs1ygl2K68KL7Q0DxW7n6qA622Klp33Xe8OKWOw8PE-x-ShQbutOhrUPd42kNX775fRudln1aoC8Nlxqvi9TMhaKNLREJgsKJwBQOuPPLwsf6u5G2z_PGV33dT4sZrGHJCcTerJ3ad4BTHXvKT395UvuKvDtNTQl9lJYOmiDQbMd9OYgTmjH-ZM56Po-oFtCaIQv8YtL7xtJjdoXvOFAdddgIiwEENBmC3v1pgCaTYZ0UFDzvIydpfAVgJeRkbF4PKjkQDdWrwo3uRQNpveSLMukXpmn9ZqpmtcrB46Fl_y8aRwbGO8uMMlWErCYbNcWOZ0yd5eqeXABOLEkPTKA-AEAaAGLoAH5pDcIagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ_LYj0ggJCIjhgBAQARgdgAoByAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTE4NjM1MzIzNTY0ODkzMjcYvJYH&sigh=Ij32CXeLXCw&vt=1&template_id=419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5745 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2KsOTf6lCqpj4GlalL4D3lGp7WccZqwYocAb1ucuT24t_ytFh4oJ3NyN2ec7L-6PpXu8qaTAfCJg5voU9l5ZwGKzGL82vZVIfDKLNMmN5Fp-D1cwiZcaJpzf7enbFgS_w3_buCU0wJUPaeoIdYw87&sai=AMfl-YQKD1tYtMW_DuN4Y8S9d3JspFfrUDqj-MO2MQxw6Q6rRTev8CH_KWUAlYqR0fJd3j0_gH7Q38XW_nUTY4H2pEF4acaXdYatCtiiFP9sffnVicmfkmdStaGJgLxUp9o&sig=Cg0ArKJSzPtrYhDgzztkEAE&id=ampim&o=1040,592&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=100&tls=1101&g=100&h=100&tt=1101&r=v&avms=ampa&adk=966959738
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.semdinheiro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E80C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc-nOZCUZRYVeEdT8jiocs_ssdjbf33-h6_e1OKTmCFP7ZlC4jpRupdqF9H7HUi7zsrq674L1cEd2rybgSSj4TwvOHY0JTGkZ2_LYsnzaqULxNr4V21bIaNPC5Mw&sai=AMfl-YSlor_-J7E7Y38DMRNZD1T4lIf3mmFeIZUl9OvndDJVf5tOomdYgPfVt-qeZqta02Lb0Jv5P4k3GgWGlLNcL1jB9yWBpNWxUrJy_31z-IdusfdIFE8VYQooczxTchg&sig=Cg0ArKJSzN5nhREhWC0HEAE&cid=CAASFeRo7D_XMHHlg6gV65RobInwQyOx6w&id=lidar2&mcvt=1006&p=448,454,698,790&asp=448,454,698,790&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1158973388&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630990006586&rpt=297&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 04:46:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| updWH function| elV function| llAdd function| llDel function| trackLink object| keys function| preventDefault function| preventDefaultForScrollKeys boolean| supportsPassive object| wheelOpt string| wheelEvent function| disableScroll function| enableScroll boolean| menuVisible function| toggleMenu number| vpw number| vph object| gptAdSlots object| dfpDivs number| iDiv number| dfpRefreshing function| rSc function| divN object| alwaysShow function| awS function| crSlot function| prAd function| showAd function| checkAdsToRefresh object| adsbygoogle string| google_analytics_uacct function| ga object| googletag function| p function| h function| v function| supportsDirectShare object| icons function| sharePage function| _extends function| _typeof object| myLazyLoad function| insertScriptFileToFooter number| readStateTimer boolean| loadScriptsFired function| scriptFireEventListener function| addShareButtonsAfterPost function| LazyLoad object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests object| google_llp number| google_lpabyc object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

0 Cookies

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108170213000 https://www.semdinheiro.com.br/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
adservice.google.dk
b6a8847380f1ca6bb262f0fd34a3865a.safeframe.googlesyndication.com
beacon.krxd.net
cdn.ampproject.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
p4-bcxem4fqnq4je-qfoviwag75a54lw4-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.semdinheiro.com.br
108.128.170.1
142.250.185.130
172.217.23.99
185.33.220.145
2.18.234.21
216.58.212.130
2606:4700:3037::6815:3a9a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c04::9b
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
09d5568c97549dd22dc3969a529ea49e28f116d62d7248de3d3499eec4299680
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
151780b49b7b13d9539db0642f2d707e82bee0ff903bd4d2628ee6b9beda1771
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c3b88fa54ad6fc2f560c7ab544817fb893af1d3834b8f967e7cb36d29f0ec8
1c484500d1720fd68f0bd563a9d57de71f11f4cf889ac62322a96b7d313b9f8d
1f724c98781d62c7fde69384bebad645d727d4a17bbc004e858f99b15385441b
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2dcabc8d3763ed42152f14999c355cc9a5d4cea098faf887f35e8cf83a9d6b9f
2f3f47ae8d1ec1b01d85be83a62ea8386a2136f153d8ef048922a3a883832737
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
33ce4f7878eef46d87e204217f8661b2a68814b5bffbd862fdfe2f47ae3e20df
37a317c7f29c9b687bb4a8df1b351714f6e1dd46f65bf335e68ef9aed42950c2
3daf558c21ccdc448007ab7e08b3e10159aac6e5055ac13567742197d1cbd0fb
4758605b7e8246a3a082bd5fe596e4748246977eadea9b28a3bf0be1adaa8300
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba4f03d644108ae2dff304721f52e1effe1cb008696b92fe123a8a6c588a651
4e4e2c62246285fe96599c8ee4b6a0299b5d235f8052f89be8847ca0881d08b7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f36dfa6fece434e88e474d214553f6dc1972a8b05f4cdcc3db65890644bd7a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
6448ef071c7a1ac9dbf3c12b7a5752eb6f999bf6939d049b53f058233e1f5c37
6fa643b0a6558388fdc9c181ee28b171bb8f233c7566b51811ea21e2c6345532
71bed259a5c134d82bc77a990c61e0b625b60504cc73e6ea7853ab552ef70aa8
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
75cbe22db5f876e3a148bc521d3fe66468f8dbf4edb943c17da2ce21747b3a11
76e4ffff7a5aba26ad0e079bf40d373014354f10a188b249d9f68565a1c36ab9
80892379c6819fd3fac2bc7e5dd0334f26d3685b0045a92874781e3e18722f2a
821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
92ddf1dcd26899a93869ea0f82ff3b9ac87db0592de5b21d430183b732bd2733
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9eb595a034aae0e708414f2eb5581eeae6fda8f2ef6623ca6963f453689d4156
9ed355324a83393e0bd1a28583ade2864bb1062a9a2c2cc7821963aec420c0bb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a213b67eebe575881cc62cd8800129e15d9ca92049b2e37832bf83d9fa2ed79e
a47b7875f70657c2f4cf31eee41926903a29284f8484067367566bbb541ea6b0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a66c6f0bef24c44e0e1d6fa6b255760094f9c282cbb12a71fb734043530f3244
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c4ebda81225658f0c044005f6a8c01245ed52947c7c37a8d426af9abff126e0a
c6f1a3dc3de1842403be71171bb68558b6d162df76e919ca44822853e6c38951
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653
cdc907d023e27d4d57ce19176f3b380a1edef640497836659b2381b0bbcc56d5
d89344e694dd6171ddc0306fa7da74126e4c07134f24dc667a8693f3ee053a33
e0b11737994bb85724bbbd13f2fcc1495b59b320179704797a3f84a16cf29d3c
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e894d700ed15093f56d683c11b94ddba4a3ac4364f6328289e6011fae5a2234f
ea42299d7703348435f334f4e389bae68f34540aa47645b654bedfa08a7cacb1
ed2e3a62be83ddda79eb1312d3da002272b51c438c3e41db9590d8040f213bc0
ed63e9f503e7399c37453aec708e33592825f45fb9b7ff9f3e3b61cc212f7a1c
eecc32061bb50dc4ee7b9861db5cc784198d65c6b798ed3b4e393b6b692d5798
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f706606d4c1d2ffd2e5098a949a1e1773cb9953e61203b700a24cfff74f4e905
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fbbb7987b6be3a749b1aba66bf151578e2c2f96873cb690caa531d238ef09c70
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fea1263b193ed6d4fa7a73f21ca4bd22ccafde631b5a67283e803d42d6c13d48