smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://voesmiles.com.br/
Effective URL:
http://smiles.iclou.com.br/
Submission: On April 12 via api (April 12th 2023, 10:29:23 am UTC) from US — Scanned from DE

Summary HTTP 166 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 33 domains to perform 166 HTTP transactions. The main IP is 5.161.90.154, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is smiles.iclou.com.br.

This is the only time smiles.iclou.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	5.161.90.154 5.161.90.154	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	13.58.124.244 13.58.124.244	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3034::6815:5f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2 24	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 14	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 4	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.23.68.89 2.23.68.89	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
3	35.176.154.189 35.176.154.189	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.34 65.9.95.34	16509 (AMAZON-02) (AMAZON-02)
2	18.168.95.84 18.168.95.84	() ()
166	34

6 5.161.90.154 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.154.90.161.5.clients.your-server.de

voesmiles.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smiles.iclou.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.124.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-124-244.us-east-2.compute.amazonaws.com

contatonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3034::6815:5f5f (United States)

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.217.42 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.68.89 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-68-89.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.176.154.189 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-154-189.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-34.prg50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.168.95.84 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	380 KB
32	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 ad.doubleclick.net — Cisco Umbrella Rank: 172	135 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 26975 ad4m.at — Cisco Umbrella Rank: 9897 assets.ad4m.at — Cisco Umbrella Rank: 39498	1 MB
15	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 cse.google.com — Cisco Umbrella Rank: 3131 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 456	411 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	134 KB
8	redirecionador.info redirecionador.info	461 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	244 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 7832	1 KB
5	iclou.com.br smiles.iclou.com.br	61 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	923 B
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 115789 static-de.ad4mat.net — Cisco Umbrella Rank: 149981	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18634 api.webgains.io	31 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 34696	50 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 779	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	49 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 17281	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5011	653 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 913 r.turn.com — Cisco Umbrella Rank: 3710	869 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	529 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 804	1 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 49253	630 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 49757	652 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 70298	473 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 88501	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 77468	434 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 80279	261 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	340 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1512	588 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	605 B
1	contatonline.com contatonline.com	367 B
1	voesmiles.com.br 1 redirects voesmiles.com.br	236 B
166	33

	Domain	Requested by
24	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net contatonline.com
14	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	smiles.iclou.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	redirecionador.info	smiles.iclou.com.br redirecionador.info
7	www.google.com	1 redirects cse.google.com smiles.iclou.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	smiles.iclou.com.br	smiles.iclou.com.br
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	smiles.iclou.com.br googleads.g.doubleclick.net
3	track.webgains.com	as.ad4m.at
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	cdn.jsdelivr.net	smiles.iclou.com.br
2	api.webgains.io	analytics.webgains.io
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	d5p.de17a.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	prod-rtb.ad4mat.net	contatonline.com
2	cse.google.com	smiles.iclou.com.br www.google.com
1	analytics.webgains.io	track.webgains.com
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	onetag-sys.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	clients1.google.com	smiles.iclou.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	contatonline.com
1	voesmiles.com.br	1 redirects
166	45

This site contains links to these domains. Also see Links.

Domain
smiles

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh

This page contains 25 frames:

Primary Page: http://smiles.iclou.com.br/
Frame ID: C77A587519EAA064EC231E71281AB20C
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: 3BBC6C6246F15586EA328C41E26D1F44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1681295357&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1681295357533&bpp=6&bdt=107&idt=228&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4428690245185&frm=20&pv=2&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=261
Frame ID: 6F92E494A59FA6406AA2360BCBF335BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295358&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295358011&bpp=3&bdt=585&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbJKU1bV81&p=http%3A//smiles.iclou.com.br&dtd=12
Frame ID: 106E8392319CF5604844860A847E67E1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20
Frame ID: A5D2F8584B56B7635081E3CCDF11337C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2CCC81C4FEB15F05044D091E6B43F6AE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295358&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295358695&bpp=2&bdt=1268&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9SxFznx9tb&p=http%3A//smiles.iclou.com.br&dtd=6
Frame ID: C7F508102DCCAB1FFACCCABE310DD4BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD8025262968083A043C44777012E1AC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6
Frame ID: A5E51E900F76797D71658BFE1A73BFE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=1&bdt=1972&idt=0&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sOT00fOH3C&p=http%3A//smiles.iclou.com.br&dtd=11
Frame ID: FD7F1F99C6853B052055AA4C67238814
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CnFRy_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE3QFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE-A0Svsx4hdsQSrsavUD6OXdQXXWprw67uANUuj8-ozScOlUhtK6IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=u1V3FVGUq1U&uach_m=[UACH]&cid=CAQSOwDUE5ymiS5fZAzqDzxPyF1Yz4Lj3psw2rzWBpYE6MbWrEF6jv3tfnp_FWQlMp5tkeiqW1ZJpnyyGV_eGAE
Frame ID: 94B506EF8AACEA6A6FC5FEF88A9D3EBE
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gr02ap95x7v9v0s3t8egbpdxyaykpqwdh435zjt5e7z6jzsty0cmwqf5gt1k4xpe6jcq1bqq84mqah7q2annxbj6p1ftkfygjjj5v4xd59x4qrv8efy0tm1n3wrpx1msj00s4g9rd6zf065t95gde1fzkntgyqjgb1geyy6xr44fxz2r0r2zb34wtk661e3qy1rrh4b1r7s94deken8egp4ttk991a3xnswpwk19knbma7qk3hsk8q7hpbjghrc30m8fdw39r4r5pde4ehm8dj7975a9jnh4hhk3a7x83rtr02v69aepsq23c61b1tpt5wx1me5yf2w0b2k5hpm3mr9r38tgd0dgt8xrzwyh7s59bf08ysqgsamc141h4yj9yn1h3cf3qecday9p3fh627w93prkbaq1fqt3j90y7egy6q8wq3tyvrhvpn0yw4c33ackgk3d0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%26client%3Dca-pub-8847092362748368%26adurl%3D
Frame ID: 23247018CAEA1391AA0261D6A7F846C6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DBB261C26CBFF31C18CF00B3BD4C4AD4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295359&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295359894&bpp=1&bdt=2468&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I%2CAHQMDFfuHpNmyhYXmePvf-SjZZ_yNP2nIVplsL35_PL24AOq-S2_YZfu9zFxqEFJ2w_lxe-jQl6pVwvikK_u0ZGzr78oSA&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=YXyzTYq0du&p=http%3A//smiles.iclou.com.br&dtd=9
Frame ID: B1A442A44025F9FF639EFB4D686A6BD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cia0j_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE3QFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOeqkHNhJ_sh1Vc1d_EFAZF9xdEciVTV-AzQbvwjBcsymM0eq7JRoIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=Ejy2TmnhVQs&uach_m=[UACH]&cid=CAQSOwDUE5ymIC3qt4Nd_kQLkJuDsgUDQOlasbzu24ojbtvgReIoDhoooC_chaR96BjNYdEeYuR6qihgd1f4GAE
Frame ID: D738DC9CE5318A1CEDF7BD967D8458BE
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gntn7cghex2q1zv883de2ap47jh9n4f0gmks80bbs8p5r4q8gbdw9grtw26713mv65e24d2hmg8ammm517hjyff473zbbqrtzbwng6as7ps3rzr6rpf2hhwgkk92e0zakfgckvd6h257v3r6pmeyqbh5egx1gwcme35stghaw8jqqf6f7aptejfxtts1r0vekp14rfg614fsjytxbygjq8dw7yrgp61t8hd9bpy5cgcvb2wakmxnfzx5ab05vp70mq0jabejvxfqp1m71fe3dq8861vjatnr2xpnwp1p4vnmmgs4e332m1xfd8s8wzwg3sxavnybgcbryy61e82z15fzzvbt68mv2nspkmm30y3789cncmhznxf3g10vhrgpwmr9xb8f8vbqfb822q0ncz1tgajnxwaz5bhnbmac0dq27yfqhj4g1t3972pv2arh302d7yq0c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%26client%3Dca-pub-8847092362748368%26adurl%3D
Frame ID: 577C426194A67A2ABCCEA57098B12D41
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 377E51321874B11EA0CA7C5F210E33DD
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 774D59D4B00C33F1D0F73880F0B099FC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6C9B985746CE2FD8691B4CB15C1DE436
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Frame ID: 0233982D24B3010552D47B5C85730B7A
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Frame ID: 81501C76A83313AE72FEB4EC76CCA7C4
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js
Frame ID: B89FBBFD88B781A77D6E79031C335BC2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js
Frame ID: 24FD76CBA46D509F5714ED56A65F5458
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29C81F178619434114A0E5A2185EF5BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6AB1C63349A1DE12F530C95B40D137B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMILESpesquisar

Page URL History Show full URLs

http://voesmiles.com.br/ HTTP 302
http://contatonline.com/?VX5J90G Page URL
http://smiles.iclou.com.br/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

166
Requests

80 %
HTTPS

50 %
IPv6

33
Domains

45
Subdomains

34
IPs

7
Countries

3474 kB
Transfer

5805 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://smiles/
Title: Início

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://voesmiles.com.br/ HTTP 302
http://contatonline.com/?VX5J90G Page URL
http://smiles.iclou.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://voesmiles.com.br/ HTTP 302
http://contatonline.com/?VX5J90G

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 63

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 73

https://um.simpli.fi/gp_match?google_gid=CAESEHeEiO8-ZDONqe9uM42dZoU&google_cver=1&google_push=Aer7DvIeV6_Kn1UQzUcurhP5iuvmM4fuWgOLsccdM9ea_WqbAF0KS4US3LUPLaWfv-JuktK92623na-lrVdhdmFvilFvntNlZywWe2dm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvIeV6_Kn1UQzUcurhP5iuvmM4fuWgOLsccdM9ea_WqbAF0KS4US3LUPLaWfv-JuktK92623na-lrVdhdmFvilFvntNlZywWe2dm

Request Chain 75

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECZkAIL4qPfnMnXMQF7BbPM&google_cver=1&google_push=Aer7DvIyKc-mLuQdHd4IiefTPoqOUz3oCK2sPecMYV5Ynf25cbGuY1JCksHUdZpreqQt4rD89el86a4fR8rthoFPsdPshW5RqnYizthI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTEwODU4MTg0ODA1MzkwMA%3D%3D&google_push=Aer7DvIyKc-mLuQdHd4IiefTPoqOUz3oCK2sPecMYV5Ynf25cbGuY1JCksHUdZpreqQt4rD89el86a4fR8rthoFPsdPshW5RqnYizthI

Request Chain 76

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEABxBKDRCT4uWq-lRltZR8A&google_cver=1&google_push=Aer7DvJDiJJGEQqJld3IY7dmSouitC4lRtwv32zjKjLEebm6XT7OFTY7IWeftKR6yqHPna_uGAwxhxBW38t1aocHWlbv38iC7wBVwtpF HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEABxBKDRCT4uWq-lRltZR8A&google_cver=1&google_push=Aer7DvJDiJJGEQqJld3IY7dmSouitC4lRtwv32zjKjLEebm6XT7OFTY7IWeftKR6yqHPna_uGAwxhxBW38t1aocHWlbv38iC7wBVwtpF&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJDiJJGEQqJld3IY7dmSouitC4lRtwv32zjKjLEebm6XT7OFTY7IWeftKR6yqHPna_uGAwxhxBW38t1aocHWlbv38iC7wBVwtpF

Request Chain 77

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_cver=1&google_push=Aer7DvL8VThHBHzW8UFP6a5N2AbNlPA69gMkX06d90Pac7O7hrD_8J5xM0Roiex2b93t9D-J_ZEl8BHum3YqZ_ZqRxyr_EBtoC8bLIpZ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_push=Aer7DvL8VThHBHzW8UFP6a5N2AbNlPA69gMkX06d90Pac7O7hrD_8J5xM0Roiex2b93t9D-J_ZEl8BHum3YqZ_ZqRxyr_EBtoC8bLIpZ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvL8VThHBHzW8UFP6a5N2AbNlPA69gMkX06d90Pac7O7hrD_8J5xM0Roiex2b93t9D-J_ZEl8BHum3YqZ_ZqRxyr_EBtoC8bLIpZ

Request Chain 78

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBSu8brMHabI-tB_dzAj_Mk&google_cver=1&google_push=Aer7DvKxu9w32DmQWkI7Uz2RdQXJN9bQ4tqnCluRokRFU49uPvguJTw2zlE1FuIVRUoD3USvPG22KI12rjhLsKOP8s3cERsYcDRGEX7q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKxu9w32DmQWkI7Uz2RdQXJN9bQ4tqnCluRokRFU49uPvguJTw2zlE1FuIVRUoD3USvPG22KI12rjhLsKOP8s3cERsYcDRGEX7q

Request Chain 79

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNQs4gTvmgclUuenNH7qsY&google_cver=1&google_push=Aer7DvLj6cjos6dDHcSLb1XN6Eo9x_8yuh4Ls6G46EiVJ_nOEjpsfNjdeV1kuvItbIBaGGxnOEj5_kiPtztkMW46LdiXLDqlgCppPbHakg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLj6cjos6dDHcSLb1XN6Eo9x_8yuh4Ls6G46EiVJ_nOEjpsfNjdeV1kuvItbIBaGGxnOEj5_kiPtztkMW46LdiXLDqlgCppPbHakg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 93

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK47EHPkRf1gSfmAExour74&google_cver=1&google_push=Aer7DvJyT9mxZ5n-KM2LyIxNcVhT288Gpq1PRQJfqfBQAALo65KXR0kO2E-6cjY5rRfBOdEFMd44dacm9zOrJkEnVarddOd3dxGQgpRN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI5OTM1MTE3ODkzNzg1NzQ0MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK47EHPkRf1gSfmAExour74&google_cver=1

Request Chain 94

https://um.simpli.fi/gp_match?google_gid=CAESEHeEiO8-ZDONqe9uM42dZoU&google_cver=1&google_push=Aer7DvJPapR46MZqXPXcd4xncmRjf04ZHBOLg1U9pRyskkbmyowWN35T67Mcjl6qnWuUFyp12I4D5rUJqmpA3OE8PhfXG9UfWG7x1w2i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvJPapR46MZqXPXcd4xncmRjf04ZHBOLg1U9pRyskkbmyowWN35T67Mcjl6qnWuUFyp12I4D5rUJqmpA3OE8PhfXG9UfWG7x1w2i

Request Chain 96

https://d5p.de17a.com/cookies/google?google_gid=CAESEE6FIVNUacrcUeDp8S82Sjs&google_cver=1&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoASC-lFfeiw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE6FIVNUacrcUeDp8S82Sjs&google_cver=1&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoASC-lFfeiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoASC-lFfeiw

Request Chain 97

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEABxBKDRCT4uWq-lRltZR8A&google_cver=1&google_push=Aer7DvI9BRDhIk1FAyGTPqP9vrOtzF-j3a-i5M881WpkdWq-g5d7ozWXuQGwX09hL7-TMlzCgDvssFRfWxdoXwJE7Lz6oA2ceLRSIhYa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvI9BRDhIk1FAyGTPqP9vrOtzF-j3a-i5M881WpkdWq-g5d7ozWXuQGwX09hL7-TMlzCgDvssFRfWxdoXwJE7Lz6oA2ceLRSIhYa

Request Chain 98

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_cver=1&google_push=Aer7DvJNr83RLksn_yn_LCnsiUCFs42nulpt0yYSvP_GpNFD1dJ7wENiT6SPf1oBjGdIym7mGNmn9CWYO5kgbqMNZTDZcC2mbRbOv6ll HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvJNr83RLksn_yn_LCnsiUCFs42nulpt0yYSvP_GpNFD1dJ7wENiT6SPf1oBjGdIym7mGNmn9CWYO5kgbqMNZTDZcC2mbRbOv6ll

Request Chain 99

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNQs4gTvmgclUuenNH7qsY&google_cver=1&google_push=Aer7DvKNggT35ZGg1rYMjiJt9jr8P23uZUqVNELmF0pRXKmJuItmVNud_5EjylnrFZ-D95GXdFbOPy2YNdrj9-E_J68xGBbSJ5sucbKe_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKNggT35ZGg1rYMjiJt9jr8P23uZUqVNELmF0pRXKmJuItmVNud_5EjylnrFZ-D95GXdFbOPy2YNdrj9-E_J68xGBbSJ5sucbKe_Q HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 121

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPq32aWRpP4CFcSH_QcduVAOWw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218

Request Chain 124

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1681295360_e2a8ac12-d91c-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 132

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=

Request Chain 141

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

166 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
contatonline.com/
Redirect Chain

http://voesmiles.com.br/
http://contatonline.com/?VX5J90G

110 B
367 B

248ms
107ms

Document
text/html

13.58.124.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contatonline.com/?VX5J90G
Protocol: HTTP/1.1
Server: 13.58.124.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-124-244.us-east-2.compute.amazonaws.com
Software: nginx / PHP/5.6.38
Resource Hash: f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Apr 2023 10:29:17 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.38

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Apr 2023 10:29:16 GMT
Location: http://contatonline.com/?VX5J90G
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK Primary Request / Show response
smiles.iclou.com.br/ 24 KB
7 KB 295ms
99ms Document
text/html 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx / PHP/7.4.29
Resource Hash: fadae0525cab4833319aa32f395cf4bf50bf14072a200bd3a4101eca55b3cc38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Apr 2023 10:29:17 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
50 KB 65ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570de34421bc6bb0e8508ccd87ea8e21d8115b941d069a633d602d2121945be5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50671
X-XSS-Protection: 0
Server: cafe
ETag: 811229304151882753
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Wed, 12 Apr 2023 10:29:17 GMT

GET
H/1.1 200
OK estilo-laranja.css
smiles.iclou.com.br/css/ 202 KB
27 KB 102ms
102ms Stylesheet
text/css 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/css/estilo-laranja.css
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:28 GMT
Server: nginx
ETag: W/"6018b728-327ff"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbf146c8d8cf07dacd52cd913d85e579f25231fa11800e8ff24789e20f8fd78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 10:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 10:29:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 10:29:17 GMT

GET
H/1.1 200
OK topo.jpg
smiles.iclou.com.br/images/ 24 KB
24 KB 195ms
97ms Image
image/jpeg 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://smiles.iclou.com.br/images/topo.jpg
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:17 GMT
Last-Modified: Tue, 02 Feb 2021 02:21:31 GMT
Server: nginx
ETag: "6018b72b-5fdd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24541
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK requestData.js Show response
redirecionador.info/relacionados/aereo/ 1 KB
1 KB 304ms
241ms Script
application/javascript 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/requestData.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:17 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 11 Feb 2021 20:28:44 GMT
Server: cloudflare
ETag: W/"6025937c-43c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDAVz%2BRV46EtNl%2B2XIeEbcGXYuVqhv%2Bwh%2BbbhaZXsLFt3lXkIKGg4dLHjbI6aR9BPHNJ6FGQ2mjUB4pX9ENPc2CC2ILxzLF0ljxzVDhPUSaiKO3j7o0LGJ2ETYqKdUoo6SM1My0NOHPMRlRX9j9Qcpfj"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
CF-RAY: 7b6ac9906eb90368-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 40ms
19ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4240537
x-jsd-version: 3.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230090-FRA, cache-jnb7026-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5A%2B7dKOzs9HUwxkxh8XCiV8sgkhYocYHU39sj6IUrN8fPDI4wdgiXuEk%2B%2FrEDnRsD5COIoEaRapDPbsL322mBlmpM3i2hHK8zbVYrIjxiIumeKZJxLqFR8x1b4%2F%2F0ZYZMPO%2B9s%2F28rxHf6UHzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b6ac9902c093604-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 46ms
25ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4240540
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGUGaGrhZL2R42xQO8aBvYdIGq4Wnz6eq7WSNn2kuEkNKuayRE9bwml3z1vdRNAA5Wg2MkhQW8ZfDgGIK2xIi70sA%2Fw%2FnDcfGrk5xWpaQHoe1K5S0WZcbs7qBaAG9sOYwiqTm2qhlar03IUXQ1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b6ac9902c0b3604-FRA

GET
H2 200 jquery.flexslider.min.js Show response
cdn.jsdelivr.net/npm/flexslider@2.7.1/ 23 KB
8 KB 39ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 479338
x-jsd-version: 2.7.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqHBe5mXc2%2Bc1IWU4nGGVnEfMYk8052gsO5Jet9QF%2B89Lb1PYafnGepX1sVcrdQ5GZL%2Bl1odRQHdrkSeiHbtc6YM0BQvKeVR0IeWMsCIy4NA3SFz7Em6LOd%2FmC7IKQ19vyxK1EFxNhbCE%2BRBCsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b6ac9902c0d3604-FRA

GET
H/1.1 200
OK scripts.min.js Show response
smiles.iclou.com.br/js/ 2 KB
1 KB 195ms
96ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/scripts.min.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:33 GMT
Server: nginx
ETag: W/"6018b72d-919"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
smiles.iclou.com.br/js/ 10 KB
2 KB 195ms
96ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/ads.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:32 GMT
Server: nginx
ETag: W/"6018b72c-27a5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
117 KB 118ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0ed127b748b5222f2656cd0d287f954c99e3e5bf6688a58a68861aed724d712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118929
x-xss-protection: 0
server: cafe
etag: 34444347773180408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame 3BBC 10 KB
5 KB 43ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 16:43:50 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 16:43:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 46ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:38:08 GMT
x-content-type-options: nosniff
age: 85869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:38:08 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 49ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:35:35 GMT
x-content-type-options: nosniff
age: 86022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:35:35 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 57ms
22ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:30:57 GMT
x-content-type-options: nosniff
age: 82700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:30:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 49ms
17ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=smiles.iclou.com.br&callback=_gfp_s_&client=ca-pub-8847092362748368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

191e52dcb4efe1253e5c5aeb09e0e87844c2a66d13a15d3103a567c7a28e2a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 54ms
21ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 45ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F92 106 KB
29 KB 744ms
743ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1681295357&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1681295357533&bpp=6&bdt=107&idt=228&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4428690245185&frm=20&pv=2&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=261

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80a95843d533312b29371724263d11970cdaf3504c504188570ef09376e0af58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29960
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:18 GMT
expires: Wed, 12 Apr 2023 10:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 77ms
48ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

67c94f40f6a1ef4386d12289f3f3e435bde7d4de7f4d23ea73320e08d77e203a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-z0p6yS49sfI93r3JxDoxmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-z0p6yS49sfI93r3JxDoxmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Wed, 12 Apr 2023 10:29:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2418
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Wed, 12 Apr 2023 10:29:17 GMT

GET
H2 200 cse_element__pt_pt.js Show response
www.google.com/cse/static/element/b2d1a4d4a8892464/ 309 KB
310 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b2d1a4d4a8892464/cse_element__pt_pt.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f073ab7678c07e6da6b065ecc62a4cb239eef79224760c88a98f5aae9e2ba59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 02:44:36 GMT
x-content-type-options: nosniff
age: 27881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316653
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 22:08:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 11 Apr 2024 02:44:36 GMT

GET
H2 200 default+pt_PT.css
www.google.com/cse/static/element/b2d1a4d4a8892464/ 41 KB
41 KB 38ms
11ms Stylesheet
text/css 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b2d1a4d4a8892464/default+pt_PT.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:22:03 GMT
x-content-type-options: nosniff
age: 83234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41811
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 22:08:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 10 Apr 2024 11:22:03 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 36ms
10ms Stylesheet
text/css 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 12 Apr 2023 11:08:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 33ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 106E 110 KB
34 KB 1097ms
1095ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295358&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295358011&bpp=3&bdt=585&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbJKU1bV81&p=http%3A//smiles.iclou.com.br&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f17a86006bd59f40220c47ca583c06b083ed1ad690ff822a3fc2de2738d47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34441
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
expires: Wed, 12 Apr 2023 10:29:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5D2 105 KB
33 KB 2581ms
2565ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fb9f498acb08b2c6b94cbc2e80877bb649741516e98b9244fe6688ad1d4a22f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:20 GMT
expires: Wed, 12 Apr 2023 10:29:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b2d1a4d4a8892464/cse_element__pt_pt.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

720ae6009c1f8f0df7358e9fed36a787f6689191d6bb8473e5681a86ea861cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "4529378939290833916"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Wed, 12 Apr 2023 10:29:18 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/pt_PT/ 1 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/pt_PT/branding.png

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:09:09 GMT
x-content-type-options: nosniff
age: 404409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 06 Apr 2024 18:09:09 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 31ms
6ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:18 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78a5111d5bb1388063b0fb94fda6706c4b069dc6fe422162c3616d95ee71ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52080
x-xss-protection: 0
server: cafe
etag: 5693215486000212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:18 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/ Frame 2CCC 10 KB
4 KB 12ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:34:15 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 22:34:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7F5 430 B
229 B 205ms
202ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295358&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295358695&bpp=2&bdt=1268&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=9SxFznx9tb&p=http%3A//smiles.iclou.com.br&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6fbcc344f39e39d7f6b0e0eafc8b9f230fc730fc442fd8fd07fdfa7f13d3bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:18 GMT
expires: Wed, 12 Apr 2023 10:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 2CCC 9 KB
4 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 12:08:23 GMT

GET
H2 200 74ec634574f05197de646cb87f0af1bd.js Show response
www.gstatic.com/mysidia/ Frame 2CCC 10 KB
4 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ec634574f05197de646cb87f0af1bd.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 23:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 23:36:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2CCC 8 KB
989 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 10:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 09:47:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 10:29:18 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 2CCC 2 KB
846 B 39ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:38:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 2CCC 22 KB
9 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 2CCC 3 KB
1 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 06:53:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 2CCC 20 KB
8 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CCC 159 KB
49 KB 2392ms
2365ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:21 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 2CCC 33 KB
14 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 07:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 07:19:29 GMT

GET
H2 200 4555314790599857429
tpc.googlesyndication.com/simgad/ Frame 2CCC 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4555314790599857429?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3363af8f57042aa97c25136dfedfb50c82657ffd86d4a60e92494b6c7a6b2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:07:21 GMT
x-content-type-options: nosniff
age: 404517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 15:07:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:07:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2CCC 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRKK__Yc2ZPDvMYjM3gOn96u4BfDF9vRvnvOQtOQQ7-uF39oPEAEgkLCHE2CVqp-CsAegAbv7wtkDyAEBqQI-vRN07VSyPqgDAaoE6QFP0Bj77OAJvkEXY1FFW2Lnrw5qfLA_Jw3LC91XG2za1o7QJQbdwNqIkNs70X-XslvCY0vSZYXXRmJ5fFxf8ju5ULmguw3Dj83w3u4PL_96logS-yWVRzAUX83xHrgktyhRLytmAYxvSnxjqIWnyX6Cs2kvNXzeb1gTUYHj3gpeHi1i1VbulO28PDmx5P4uwz5A7MFq8CQA1GbDZsDMrP0wnpemy8XiTqHGrvyU4o7lAaZgV6m0jasvRY9_nxhX9HaeybwSDiRKpGDEh96JQZchSxdsgjtqiH9EstPowrxWsiwnmjhTSjxXWcAEnKrn2KsEkgUECAQYAZIFBAgFGASAB6bduCOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCfitAB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=UszXECiy-AQ&uach_m=[UACH]&cid=CAQSGwDUE5ymKYUYgXH8QJq-M9stkX4_o02A20FNhhgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 10:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 10:29:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD80 143 B
166 B 13ms
11ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 09:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2CCC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363aa9e7348d7355fe9390ce4839ab227626baccc3732cdc84b2a14957b2f69c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD80
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
17ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
expires: Wed, 12 Apr 2023 10:29:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5E5 32 KB
13 KB 226ms
213ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfd23ac2bc52a9b89f99dd680e63cc7983150061140c6f2473094e369dda1f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12983
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD7F 32 KB
13 KB 163ms
151ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=1&bdt=1972&idt=0&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sOT00fOH3C&p=http%3A//smiles.iclou.com.br&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f33de0950f894167ea25b8f5b0bd41fd17ee35a77a4946626ec2ae2aa3a35c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12866
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 106E 4 KB
618 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295358&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295358011&bpp=3&bdt=585&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbJKU1bV81&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 10:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 09:07:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 10:29:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 106E 2 KB
765 B 15ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:38:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 106E 22 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 106E 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 06:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 106E 20 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 106E 159 KB
49 KB 1651ms
1648ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:21 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 106E 33 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 07:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 07:19:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 106E 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLdcq_oc2ZOLRAvuAjuwPgrmekAG9jaavb4_Or6y_DueY3v3RCBABIJCwhxNglaqfgrAHoAGwuqHXA8gBCakCvG-JysZYsj6oAwHIA8sEqgTpAU_Qt5P8xcLcjT5w3S5R5a0yDT6AaUmut4IB2Bfh5o-PR78sGINsbhS7kX2qMv2hmDUt2frNQzXeBic8Id5Ip2dqWzjOi3W0fqjbek0dnohggWOOF1V_rJtpzePI6e1Anmgq46tA778NqRSq0EcEkVBZdktLbLb4N_ZlmOWSnlXLkZQBUdy0ZD-_UF-tsgNKRnnxjSqh0Pf6KZHjmSqqU4D0XT84VP0_BzfHS6fqawUn5y6XfEnyITAzukRrxJ2yFY8wiDkjJdYJ4jlQ4otta7RlxUN8WTfubMnPNH_wT79u95JPH8ExlaKVwASZnqmq4AOSBQQIBBgBkgUECAUYBKAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBRCG0bEC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=r2MZDEhFB1U&uach_m=[UACH]&cid=CAQSSwDUE5ym2FsgKVnVTY-9tlsYVUCgGA5LkeFhfWw0UolT_0Vxqc6sQn7PhVYPdDqL-4WfuFESd_p_zssz-3IVDOGNOv3RMcdFTeRYsxgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295358&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295358011&bpp=3&bdt=585&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbJKU1bV81&p=http%3A//smiles.iclou.com.br&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 10:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 106E 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 106E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

13ms
12ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 404647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:05:12 GMT

Redirect headers

date: Wed, 12 Apr 2023 04:40:51 GMT
x-content-type-options: nosniff
server: cafe
age: 20908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 04:40:51 GMT

GET
DATA 200
OK truncated
/ Frame 106E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 503d2b5415c06554bfdef41bed533f0e64ecda261cccf952df893a00f6e88b49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94B5 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnFRy_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE3QFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE-A0Svsx4hdsQSrsavUD6OXdQXXWprw67uANUuj8-ozScOlUhtK6IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=u1V3FVGUq1U&uach_m=[UACH]&cid=CAQSOwDUE5ymiS5fZAzqDzxPyF1Yz4Lj3psw2rzWBpYE6MbWrEF6jv3tfnp_FWQlMp5tkeiqW1ZJpnyyGV_eGAE

Requested by

Host: contatonline.com
URL: http://contatonline.com/?VX5J90G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=1&bdt=1972&idt=0&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sOT00fOH3C&p=http%3A//smiles.iclou.com.br&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 10:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 94B5 0
0 45ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gyt046zhq8te73dawkn8m52vwf350dejn622pjwhtr9a7mhj2hsc545sxah29vs563vrpntv869zj37cwt43j514g46hx91edm01nhkc88x0t2nfsvfzjms94d6fvfb8ytq6vm3b735ht3whgwd58k19bp3b3f2hr9m7jgeht64vkmw1ck4sjra301hks17s950v3ajg681qsywvvrq20c2r2az7nx4n8cespfgt010811xdm54mzvs6ss6j3ynrn1g4fkrwan5ybekjka8parydkwwkzsmse5v9d0fvapwmr298kdsk0sq41ns72dz50jnwjdw1h3wgketva59w39ts9qrf04e0gwdeck1w5hc2src4qa65dg60kccwe7p3n4fbby1pb3w788&b=ZDaH_wAIpX8Hg4MjAAOqVs0Crh7LSsn4eCYXAA
Requested by: Host: contatonline.com
URL: http://contatonline.com/?VX5J90G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Apr 2023 10:29:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 2324 2 KB
1 KB 263ms
83ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gr02ap95x7v9v0s3t8egbpdxyaykpqwdh435zjt5e7z6jzsty0cmwqf5gt1k4xpe6jcq1bqq84mqah7q2annxbj6p1ftkfygjjj5v4xd59x4qrv8efy0tm1n3wrpx1msj00s4g9rd6zf065t95gde1fzkntgyqjgb1geyy6xr44fxz2r0r2zb34wtk661e3qy1rrh4b1r7s94deken8egp4ttk991a3xnswpwk19knbma7qk3hsk8q7hpbjghrc30m8fdw39r4r5pde4ehm8dj7975a9jnh4hhk3a7x83rtr02v69aepsq23c61b1tpt5wx1me5yf2w0b2k5hpm3mr9r38tgd0dgt8xrzwyh7s59bf08ysqgsamc141h4yj9yn1h3cf3qecday9p3fh627w93prkbaq1fqt3j90y7egy6q8wq3tyvrhvpn0yw4c33ackgk3d0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%26client%3Dca-pub-8847092362748368%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=1&bdt=1972&idt=0&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sOT00fOH3C&p=http%3A//smiles.iclou.com.br&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cf9649a5f837fd085ae06df4d0c8870726c8d31687d97d053e999c4066c73f9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b6ac99f6e672bd6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 94B5 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 06:53:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DBB2 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Thu, 13 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 94B5 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94B5 159 KB
49 KB 1465ms
1465ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:21 GMT

GET
DATA 200
OK truncated
/ Frame 94B5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb279259ca0a7c551467e46ce0e909298f47a1a3e9a88676e2306afb9b84de80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBB2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHeEiO8-ZDONqe9uM42dZoU&google_cver=1&google_push=Aer7DvIeV6_Kn1UQzUcurhP5iuvmM4fuWgOLsccdM9ea_WqbAF0KS4US3LUPLaWfv-JuktK92623na-lrVdhdmFvilFvntNlZywWe2dm
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvIeV6_Kn1UQzUcurhP5iuvmM4fuWgOLsccdM9ea_WqbAF0KS4US3LUPLaWfv-JuktK92623na-lrVdhdmF...

170 B
232 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvIeV6_Kn1UQzUcurhP5iuvmM4fuWgOLsccdM9ea_WqbAF0KS4US3LUPLaWfv-JuktK92623na-lrVdhdmFvilFvntNlZywWe2dm

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 Apr 2023 10:29:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvIeV6_Kn1UQzUcurhP5iuvmM4fuWgOLsccdM9ea_WqbAF0KS4US3LUPLaWfv-JuktK92623na-lrVdhdmFvilFvntNlZywWe2dm
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 11 Apr 2023 10:29:19 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DBB2 70 B
265 B 194ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKtQZdk1058BuhSHfJnxLUY&google_cver=1&google_push=Aer7DvKTJ3Ff8dFzmbWcsNIxb3Hyo1iA0Kd3ZtaaO9t5sM3y2QHqEwa7SSzYe9F_ZA-ouJU-S8AqAM_0-MdnkihV7Eib_3AY9NKgSJx8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=1&bdt=1972&idt=0&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sOT00fOH3C&p=http%3A//smiles.iclou.com.br&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Apr 2023 10:29:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBB2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECZkAIL4qPfnMnXMQF7BbPM&google_cver=1&google_push=Aer7DvIyKc-mLuQdHd4IiefTPoqOUz3oCK2sPecMYV5Ynf25cbGuY1JCksHUdZpreqQt4rD89el86a4fR8rtho...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTEwODU4MTg0ODA1MzkwMA%3D%3D&google_push=Aer7DvIyKc-mLuQdHd4IiefTPoqOUz3oCK2sPecMYV5Ynf25cbGuY1JCksHUdZpreqQt4rD89el86a4fR8rthoFPsd...

170 B
329 B

19ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTEwODU4MTg0ODA1MzkwMA%3D%3D&google_push=Aer7DvIyKc-mLuQdHd4IiefTPoqOUz3oCK2sPecMYV5Ynf25cbGuY1JCksHUdZpreqQt4rD89el86a4fR8rthoFPsdPshW5RqnYizthI

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTEwODU4MTg0ODA1MzkwMA%3D%3D&google_push=Aer7DvIyKc-mLuQdHd4IiefTPoqOUz3oCK2sPecMYV5Ynf25cbGuY1JCksHUdZpreqQt4rD89el86a4fR8rthoFPsdPshW5RqnYizthI
Date: Wed, 12 Apr 2023 10:29:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBB2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJDiJJGEQqJld3IY7dmSouitC4lRtwv32zjKjLEebm6XT7OFTY7IWeftKR6yqHPna_uGAwxhxBW38t1aocHWlbv38iC7wBVwtpF

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJDiJJGEQqJld3IY7dmSouitC4lRtwv32zjKjLEebm6XT7OFTY7IWeftKR6yqHPna_uGAwxhxBW38t1aocHWlbv38iC7wBVwtpF
date: Wed, 12 Apr 2023 10:29:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBB2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvL8VThHBHzW8UFP6a5N2AbNlPA69gMkX...

170 B
232 B

21ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvL8VThHBHzW8UFP6a5N2AbNlPA69gMkX06d90Pac7O7hrD_8J5xM0Roiex2b93t9D-J_ZEl8BHum3YqZ_ZqRxyr_EBtoC8bLIpZ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 10:29:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvL8VThHBHzW8UFP6a5N2AbNlPA69gMkX06d90Pac7O7hrD_8J5xM0Roiex2b93t9D-J_ZEl8BHum3YqZ_ZqRxyr_EBtoC8bLIpZ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBB2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBSu8brMHabI-tB_dzAj_Mk&google_cver=1&google_push=Aer7DvKxu9w32DmQWkI7Uz2RdQXJN9bQ4tqnCluRokRFU49uPvguJTw2zlE1FuIVRUoD3USvPG22KI12rjhL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKxu9w32DmQWkI7Uz2RdQXJN9bQ4tqnCluRokRFU49uPvguJTw2zlE1FuIVRUoD3USvPG22KI12rjhLsKOP8s3cERsYcDRGEX7q

170 B
232 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKxu9w32DmQWkI7Uz2RdQXJN9bQ4tqnCluRokRFU49uPvguJTw2zlE1FuIVRUoD3USvPG22KI12rjhLsKOP8s3cERsYcDRGEX7q

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKxu9w32DmQWkI7Uz2RdQXJN9bQ4tqnCluRokRFU49uPvguJTw2zlE1FuIVRUoD3USvPG22KI12rjhLsKOP8s3cERsYcDRGEX7q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame DBB2
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNQs4gTvmgclUuenNH7qsY&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLj6cjos6dDHcSLb1XN6Eo9x_8yuh4Ls6G46EiVJ_nOEjpsfNjdeV1kuvItbIBaGGxnOEj5_kiPtztkMW46LdiXLDqlgCppPbHakg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

38ms
37ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=1&bdt=1972&idt=0&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sOT00fOH3C&p=http%3A//smiles.iclou.com.br&dtd=11
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 12 Apr 2023 10:29:20 GMT
pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DBB2 0
139 B 177ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYKzhJrQ-4yiWDi9GbrCste3KL8RWgrlYWhfIfaEW8sjJ-Glb8yuaibYMrILHy9qwEdMCn3Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1A4 430 B
227 B 182ms
181ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1681295359&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681295359894&bpp=1&bdt=2468&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280%2C336x280%2C336x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I%2CAHQMDFfuHpNmyhYXmePvf-SjZZ_yNP2nIVplsL35_PL24AOq-S2_YZfu9zFxqEFJ2w_lxe-jQl6pVwvikK_u0ZGzr78oSA&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=YXyzTYq0du&p=http%3A//smiles.iclou.com.br&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f34c3f13f66b3a23c55a85cd3a1a90fe0e6db110bb09717384b1cc0ec353528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D738 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cia0j_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE3QFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOeqkHNhJ_sh1Vc1d_EFAZF9xdEciVTV-AzQbvwjBcsymM0eq7JRoIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=Ejy2TmnhVQs&uach_m=[UACH]&cid=CAQSOwDUE5ymIC3qt4Nd_kQLkJuDsgUDQOlasbzu24ojbtvgReIoDhoooC_chaR96BjNYdEeYuR6qihgd1f4GAE

Requested by

Host: contatonline.com
URL: http://contatonline.com/?VX5J90G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 10:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D738 0
0 18ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g0txze6ew5j39m0whgdhwz4hsfqn4tacae34nxrn0qnfch83tfad8rrqfsk5z0gyesx15rypsn8yc3n06g16rxywrqprqmx5mhnpvf9kzazd6mftwrzapnn9tx1m45je6f8fb6ddwyeybw5m42j873q1tkjxpr69mrmey8c667dssgjakk001zh4hzgwp34ed4b972t0m9t083hgdgp8pnzpqa96wabsasmspt3g14ja2eqv8g0nfek946552x78bg68rf1p5vhvxjgvvyqmkne2mxz6dsd5s5rpmx2msmm1b4qtghtk2sf8hv8fj6qm4bqhhahmg8x74b671qej1n1gk7ba3x77pmgv74596awh2yyf0zzc9wrgzayhccqcky4hfaj53dpw1r&b=ZDaH_wAIo6wHg4UCAA81LXJkSLglQQw67uyPdw
Requested by: Host: contatonline.com
URL: http://contatonline.com/?VX5J90G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Apr 2023 10:29:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 577C 2 KB
3 KB 35ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gntn7cghex2q1zv883de2ap47jh9n4f0gmks80bbs8p5r4q8gbdw9grtw26713mv65e24d2hmg8ammm517hjyff473zbbqrtzbwng6as7ps3rzr6rpf2hhwgkk92e0zakfgckvd6h257v3r6pmeyqbh5egx1gwcme35stghaw8jqqf6f7aptejfxtts1r0vekp14rfg614fsjytxbygjq8dw7yrgp61t8hd9bpy5cgcvb2wakmxnfzx5ab05vp70mq0jabejvxfqp1m71fe3dq8861vjatnr2xpnwp1p4vnmmgs4e332m1xfd8s8wzwg3sxavnybgcbryy61e82z15fzzvbt68mv2nspkmm30y3789cncmhznxf3g10vhrgpwmr9xb8f8vbqfb822q0ncz1tgajnxwaz5bhnbmac0dq27yfqhj4g1t3972pv2arh302d7yq0c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%26client%3Dca-pub-8847092362748368%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0253f8a64b29e7ded039acdc74509864353fd7a13b2252d7bdebd92b16c639f5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b6ac99f9eb42bd6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame D738 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 06:53:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 377E 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Thu, 13 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame D738 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D738 0
0 16ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9eH0DdrU0jiT2r6HEF2Gwr-jE3RybZHnR5DaFCXXPTfHH189iGLt4LnjAC8nDG4vnW9vEgflml63f8LkqbgSWOSUv6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D738 159 KB
49 KB 1266ms
1265ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:21 GMT

GET
DATA 200
OK truncated
/ Frame D738 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa47d62ccb75892c28ac5447cebf4812d07085ac2fd2d3e096926b3655b29417

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 377E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK47EHPkRf1gSfmAExour74&google_cver=1&google_push=Aer7DvJyT9mxZ5n-KM2LyIxNcVhT288Gpq1PRQJfqfBQAALo65KXR0kO2E-6cjY5rRfBOdEFMd44dacm9zOrJkEnVarddOd3dxGQgpRN
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI5OTM1MTE3ODkzNzg1NzQ0MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK47EHPkRf1gSfmAExour74&google_cver=1

43 B
398 B

39ms
16ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK47EHPkRf1gSfmAExour74&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK47EHPkRf1gSfmAExour74&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 377E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHeEiO8-ZDONqe9uM42dZoU&google_cver=1&google_push=Aer7DvJPapR46MZqXPXcd4xncmRjf04ZHBOLg1U9pRyskkbmyowWN35T67Mcjl6qnWuUFyp12I4D5rUJqmpA3OE8PhfXG9UfWG7x1w2i
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvJPapR46MZqXPXcd4xncmRjf04ZHBOLg1U9pRyskkbmyowWN35T67Mcjl6qnWuUFyp12I4D5rUJqmpA3OE...

170 B
188 B

27ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvJPapR46MZqXPXcd4xncmRjf04ZHBOLg1U9pRyskkbmyowWN35T67Mcjl6qnWuUFyp12I4D5rUJqmpA3OE8PhfXG9UfWG7x1w2i

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 Apr 2023 10:29:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9FEECDAB395D4351B7E46432D6166187&google_push=Aer7DvJPapR46MZqXPXcd4xncmRjf04ZHBOLg1U9pRyskkbmyowWN35T67Mcjl6qnWuUFyp12I4D5rUJqmpA3OE8PhfXG9UfWG7x1w2i
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 11 Apr 2023 10:29:19 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 377E 70 B
264 B 34ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKtQZdk1058BuhSHfJnxLUY&google_cver=1&google_push=Aer7DvJulW54zmnGRnCNIbQueOF-Xwgv_7sx-9oYeOQtj5Ph4bqk0IT-SMFzYaYPn1zgMePRPs7F6woDyXF8nlQ93fAGC3rS5jf0j90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Apr 2023 10:29:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 377E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEE6FIVNUacrcUeDp8S82Sjs&google_cver=1&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoAS...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE6FIVNUacrcUeDp8S82Sjs&google_cver=1&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3Go...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoASC-lFfeiw

170 B
188 B

24ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoASC-lFfeiw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKf69EjhMBlybs_bNSPUHNjlMVTPV0NtzT8q0ZPapck3nsDYWJWpwPpwyo7jLxhv_Il7KrpIJc0GX3erpRDlY3GoASC-lFfeiw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 377E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvI9BRDhIk1FAyGTPqP9vrOtzF-j3a-i5M881WpkdWq-g5d7ozWXuQGwX09hL7-TMlzCgDvssFRfWxdoXwJE7Lz6oA2ceLRSIhYa

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8btsqRQ5TY2pxq9BHPHbYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvI9BRDhIk1FAyGTPqP9vrOtzF-j3a-i5M881WpkdWq-g5d7ozWXuQGwX09hL7-TMlzCgDvssFRfWxdoXwJE7Lz6oA2ceLRSIhYa
date: Wed, 12 Apr 2023 10:29:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 377E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvJNr83RLksn_yn_LCnsiUCFs42nulpt0...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvJNr83RLksn_yn_LCnsiUCFs42nulpt0yYSvP_GpNFD1dJ7wENiT6SPf1oBjGdIym7mGNmn9CWYO5kgbqMNZTDZcC2mbRbOv6ll

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 10:29:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKk-6CNHXRd_0q60wMc3Ccs&google_hm=ZDaH_7iZomEeU_OiZ4ylSQAACFsAAAAB&google_nid=index&google_push=Aer7DvJNr83RLksn_yn_LCnsiUCFs42nulpt0yYSvP_GpNFD1dJ7wENiT6SPf1oBjGdIym7mGNmn9CWYO5kgbqMNZTDZcC2mbRbOv6ll
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 377E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNQs4gTvmgclUuenNH7qsY&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKNggT35ZGg1rYMjiJt9jr8P23uZUqVNELmF0pRXKmJuItmVNud_5EjylnrFZ-D95GXdFbOPy2YNdrj9-E_J68xGBbSJ5sucbKe_Q
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

30ms
30ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 12 Apr 2023 10:29:20 GMT
pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 377E 0
12 B 18ms
17ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kx1w3AJi_x-Pr8yoGMP-9fhddzkcj3lRN6Iv2JmCvO8H3FyjZdN2jwDCm1nBr4j10o2182SQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1681295359&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295359398&bpp=2&bdt=1972&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280%2C336x280%2C1005x124%2C770x280&nras=2&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&psts=AHQMDFcdvlFWbC-oOilO40REPr26ZLviuMAejIJfdCtsXFKUcDSSVa0FjX_WbTtxqxiL1kDGu6MWhOt98QZotFEdvL88Qy7RSG-1sW2RnR_XNs6k-3I&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8jpcf4mis4&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 577C 94 KB
12 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gntn7cghex2q1zv883de2ap47jh9n4f0gmks80bbs8p5r4q8gbdw9grtw26713mv65e24d2hmg8ammm517hjyff473zbbqrtzbwng6as7ps3rzr6rpf2hhwgkk92e0zakfgckvd6h257v3r6pmeyqbh5egx1gwcme35stghaw8jqqf6f7aptejfxtts1r0vekp14rfg614fsjytxbygjq8dw7yrgp61t8hd9bpy5cgcvb2wakmxnfzx5ab05vp70mq0jabejvxfqp1m71fe3dq8861vjatnr2xpnwp1p4vnmmgs4e332m1xfd8s8wzwg3sxavnybgcbryy61e82z15fzzvbt68mv2nspkmm30y3789cncmhznxf3g10vhrgpwmr9xb8f8vbqfb822q0ncz1tgajnxwaz5bhnbmac0dq27yfqhj4g1t3972pv2arh302d7yq0c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%26client%3Dca-pub-8847092362748368%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gntn7cghex2q1zv883de2ap47jh9n4f0gmks80bbs8p5r4q8gbdw9grtw26713mv65e24d2hmg8ammm517hjyff473zbbqrtzbwng6as7ps3rzr6rpf2hhwgkk92e0zakfgckvd6h257v3r6pmeyqbh5egx1gwcme35stghaw8jqqf6f7aptejfxtts1r0vekp14rfg614fsjytxbygjq8dw7yrgp61t8hd9bpy5cgcvb2wakmxnfzx5ab05vp70mq0jabejvxfqp1m71fe3dq8861vjatnr2xpnwp1p4vnmmgs4e332m1xfd8s8wzwg3sxavnybgcbryy61e82z15fzzvbt68mv2nspkmm30y3789cncmhznxf3g10vhrgpwmr9xb8f8vbqfb822q0ncz1tgajnxwaz5bhnbmac0dq27yfqhj4g1t3972pv2arh302d7yq0c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%26client%3Dca-pub-8847092362748368%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 84279
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nARFe%2B1LWNVaL3POC5lJF6TJkBrk9gQSE2Y18k%2B5zETh4y%2BFAGvww2n2pcDjLBpx9d2ATZAqcWS5x9V0UQokez4csik0EvWlVMzgmEQSc7ncvTvG4KpvHGiJ90Moqh2Z2gxRp1iHZHc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b6ac99fff6d2bd6-FRA
expires: Wed, 12 Apr 2023 11:29:20 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 577C 25 KB
10 KB 30ms
21ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gntn7cghex2q1zv883de2ap47jh9n4f0gmks80bbs8p5r4q8gbdw9grtw26713mv65e24d2hmg8ammm517hjyff473zbbqrtzbwng6as7ps3rzr6rpf2hhwgkk92e0zakfgckvd6h257v3r6pmeyqbh5egx1gwcme35stghaw8jqqf6f7aptejfxtts1r0vekp14rfg614fsjytxbygjq8dw7yrgp61t8hd9bpy5cgcvb2wakmxnfzx5ab05vp70mq0jabejvxfqp1m71fe3dq8861vjatnr2xpnwp1p4vnmmgs4e332m1xfd8s8wzwg3sxavnybgcbryy61e82z15fzzvbt68mv2nspkmm30y3789cncmhznxf3g10vhrgpwmr9xb8f8vbqfb822q0ncz1tgajnxwaz5bhnbmac0dq27yfqhj4g1t3972pv2arh302d7yq0c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%26client%3Dca-pub-8847092362748368%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 74611
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6KEAnF1gAX1uifJMT8CUpWA3EaBfSqTGQ4Q1clds4QLi9Sq5kPnl6edBWoBfMesgPajqdmOZhi%2BLJ9IWIwjgjc9%2FujeyODY5PvqtuF%2Fj8sYIziQNksp%2BbCUML1AgeJK8AWCn0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b6ac9a00f792bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:45:44 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 2324 94 KB
11 KB 25ms
23ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gr02ap95x7v9v0s3t8egbpdxyaykpqwdh435zjt5e7z6jzsty0cmwqf5gt1k4xpe6jcq1bqq84mqah7q2annxbj6p1ftkfygjjj5v4xd59x4qrv8efy0tm1n3wrpx1msj00s4g9rd6zf065t95gde1fzkntgyqjgb1geyy6xr44fxz2r0r2zb34wtk661e3qy1rrh4b1r7s94deken8egp4ttk991a3xnswpwk19knbma7qk3hsk8q7hpbjghrc30m8fdw39r4r5pde4ehm8dj7975a9jnh4hhk3a7x83rtr02v69aepsq23c61b1tpt5wx1me5yf2w0b2k5hpm3mr9r38tgd0dgt8xrzwyh7s59bf08ysqgsamc141h4yj9yn1h3cf3qecday9p3fh627w93prkbaq1fqt3j90y7egy6q8wq3tyvrhvpn0yw4c33ackgk3d0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%26client%3Dca-pub-8847092362748368%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gr02ap95x7v9v0s3t8egbpdxyaykpqwdh435zjt5e7z6jzsty0cmwqf5gt1k4xpe6jcq1bqq84mqah7q2annxbj6p1ftkfygjjj5v4xd59x4qrv8efy0tm1n3wrpx1msj00s4g9rd6zf065t95gde1fzkntgyqjgb1geyy6xr44fxz2r0r2zb34wtk661e3qy1rrh4b1r7s94deken8egp4ttk991a3xnswpwk19knbma7qk3hsk8q7hpbjghrc30m8fdw39r4r5pde4ehm8dj7975a9jnh4hhk3a7x83rtr02v69aepsq23c61b1tpt5wx1me5yf2w0b2k5hpm3mr9r38tgd0dgt8xrzwyh7s59bf08ysqgsamc141h4yj9yn1h3cf3qecday9p3fh627w93prkbaq1fqt3j90y7egy6q8wq3tyvrhvpn0yw4c33ackgk3d0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%26client%3Dca-pub-8847092362748368%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 84279
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfifsdS36%2FXlCZuztSRE4EI9JnFv3XpsqlG53V9U9dZF%2BLTEqc2Wu5auG49Svto54j0H%2FiLwog7z4XkzEAvOUU4KflflLoCAm7V2qC%2B6N165gVmN8ciY6sa0drXUUU1F4X1kQYvYcvU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b6ac9a00f862bd6-FRA
expires: Wed, 12 Apr 2023 11:29:20 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 2324 25 KB
10 KB 37ms
37ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gr02ap95x7v9v0s3t8egbpdxyaykpqwdh435zjt5e7z6jzsty0cmwqf5gt1k4xpe6jcq1bqq84mqah7q2annxbj6p1ftkfygjjj5v4xd59x4qrv8efy0tm1n3wrpx1msj00s4g9rd6zf065t95gde1fzkntgyqjgb1geyy6xr44fxz2r0r2zb34wtk661e3qy1rrh4b1r7s94deken8egp4ttk991a3xnswpwk19knbma7qk3hsk8q7hpbjghrc30m8fdw39r4r5pde4ehm8dj7975a9jnh4hhk3a7x83rtr02v69aepsq23c61b1tpt5wx1me5yf2w0b2k5hpm3mr9r38tgd0dgt8xrzwyh7s59bf08ysqgsamc141h4yj9yn1h3cf3qecday9p3fh627w93prkbaq1fqt3j90y7egy6q8wq3tyvrhvpn0yw4c33ackgk3d0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%26client%3Dca-pub-8847092362748368%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 74611
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkGBjIWZ3a9urTRQ%2B5LhYjdeHexP%2BfB%2Fgf%2F8wRARwGa26oM4d3zpgFUD2JP6MwnyI2znOLRXC2tqIdq2XobnRN1EfTz6C%2BuZCFhEVsExG7lgRPXaPMx2A5ydlZlsJ9RuNzFAVtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b6ac9a00f882bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:45:44 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 577C 3 KB
3 KB 59ms
21ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3305
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNuO2%2FqpblJJguAjdu%2BzSKWtn92I9ID6yNSmGKJOZxvV3N%2BC79xj3JeNwJyPUEcFQgWTukVci49A0x0Nau2TDriWGxLpmvrxELFjU09A4z3goP1zfAxOYUs1xKFfGCDpkI%2FwYsgB9M9%2FNmrPo4rTQp%2Ff"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7b6ac9a07dce90e8-FRA
expires: Wed, 12 Apr 2023 09:52:45 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 774D 2 KB
1 KB 22ms
22ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 234076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b6ac9a04d632c56-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 10:29:20 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX%2FBTnHS4wfptQPxLLdxk6vNlc1Dlh02oEcpqhdPgfvpIOgHTNV%2FUBWA9t82xl7S9Huni6AnJlZFOKRnAkotP3PrlM8gXPDRpCyRrSBSEzJLkwupxdxDrGylFdT8nhDXOyq4WYI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2324 3 KB
4 KB 45ms
20ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3305
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1kCcGshCQzNcTPWgohym8QOAJYQVnGnm7159LhlT5REQejga4jf0KQ6Zdn%2FLsNoWqPM01qWgXSy3B63vDi8bUsZ9VRi16PbmlaFhWkMgRf5ZWHHiNSYtnGye%2B7XfXN3OmVixdsQhOdZwTqZHO0DmxBX"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7b6ac9a07dd090e8-FRA
expires: Wed, 12 Apr 2023 09:52:45 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6C9B 2 KB
1 KB 21ms
20ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 234076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b6ac9a06d8f2c56-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 10:29:20 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0sS46PsYNwFj9LQEKzpyY%2FoLGMPrvTCmoUt6E9yWism9cWMQG44Bkfs1og5PN5DLcL4cPcmWENPOHDdNTbL5r8H2ZwQtAO3CYdgyfgDOAh2QeOwzQ3VRKx9dsYZ2rCiMF55K38%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 577C 2 KB
2 KB 37ms
36ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b58a78958f0cbe48e2f899ef655ef235807a8bdf335eddd7593c909e036c77

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5C2CQPg3VhghjtXyl474XDJSvKNRut1zvbxFdTWOpn3XoIMmZUoB8CiENuU9ruI1g20FoUxa2FX00Vdu4wruhXxA2HS1U1T82BPAh8kAXzOHMXXUyVUhlBhmZF2nF7iU67oO30%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7b6ac9a0dbe335f9-FRA
x-backend-server: aa-reachservice-group-europe-west1-gdws
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
34ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6ac9a09b8a35f9-FRA
content-length: 24
content-type: text/plain
date: Wed, 12 Apr 2023 10:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFDQo3XKCWB7IteRBSQsosM2CyIRXEnRyCfoSAoUU1GhWUDB7xD7sW9qMrQBCmvP6IfqEYARZKJD447CgDf340vmxrNW5nYgdPnt9mzILI81DV6ewPSfw3%2BLYEHrKqhg1I9XM%2BI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gdws

POST
H3 200 rs Show response
ad4m.at/ Frame 2324 2 KB
2 KB 36ms
36ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d777a67ed470f53bca616334b97d9634650b2706d6f8202b4c60cc6746863053

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FVIown9SIDZ8%2BCof8pVtCuBh8W6GnJ8gUSldd%2FagjcJgr9TVmekGfgc4IZ7yTDE%2FKzpSOrkXcZps9EV5StcJ1tYjHykztAmR4JJdQsG9IVPsLTHpl7iek202B8dE%2BRXiINFTSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7b6ac9a0ebf935f9-FRA
x-backend-server: aa-reachservice-group-europe-west1-gdws
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
32ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6ac9a0ab9c35f9-FRA
content-length: 24
content-type: text/plain
date: Wed, 12 Apr 2023 10:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i60iM9s8t5ddKZ0yAJIjOOvdm6tP3Xqo81h0UPS33ZckhZlZ7GV8GjxMrQS72WnGti34VhmWRjjDUUp9jbc35d%2FnChHA4q329HHEt%2F9phNyrxH%2B54qJ29NHCgnqKiVQn0TNcgck%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gdws

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0233 9 KB
4 KB 36ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

875d781437d62f92873f51b8ec758a7ba82151dc4565da31c93754845196f5c1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gntn7cghex2q1zv883de2ap47jh9n4f0gmks80bbs8p5r4q8gbdw9grtw26713mv65e24d2hmg8ammm517hjyff473zbbqrtzbwng6as7ps3rzr6rpf2hhwgkk92e0zakfgckvd6h257v3r6pmeyqbh5egx1gwcme35stghaw8jqqf6f7aptejfxtts1r0vekp14rfg614fsjytxbygjq8dw7yrgp61t8hd9bpy5cgcvb2wakmxnfzx5ab05vp70mq0jabejvxfqp1m71fe3dq8861vjatnr2xpnwp1p4vnmmgs4e332m1xfd8s8wzwg3sxavnybgcbryy61e82z15fzzvbt68mv2nspkmm30y3789cncmhznxf3g10vhrgpwmr9xb8f8vbqfb822q0ncz1tgajnxwaz5bhnbmac0dq27yfqhj4g1t3972pv2arh302d7yq0c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%26client%3Dca-pub-8847092362748368%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b6ac9a11e712c56-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:20 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8150 12 KB
4 KB 32ms
31ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40be1e0b85097b09fcecdd1fdd39eb639cc3f9c701438e7cea47a152bda60320

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gr02ap95x7v9v0s3t8egbpdxyaykpqwdh435zjt5e7z6jzsty0cmwqf5gt1k4xpe6jcq1bqq84mqah7q2annxbj6p1ftkfygjjj5v4xd59x4qrv8efy0tm1n3wrpx1msj00s4g9rd6zf065t95gde1fzkntgyqjgb1geyy6xr44fxz2r0r2zb34wtk661e3qy1rrh4b1r7s94deken8egp4ttk991a3xnswpwk19knbma7qk3hsk8q7hpbjghrc30m8fdw39r4r5pde4ehm8dj7975a9jnh4hhk3a7x83rtr02v69aepsq23c61b1tpt5wx1me5yf2w0b2k5hpm3mr9r38tgd0dgt8xrzwyh7s59bf08ysqgsamc141h4yj9yn1h3cf3qecday9p3fh627w93prkbaq1fqt3j90y7egy6q8wq3tyvrhvpn0yw4c33ackgk3d0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%26client%3Dca-pub-8847092362748368%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b6ac9a12e7d2c56-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:20 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 0233 94 KB
12 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 84279
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOH55AasfPyafm%2FXr8X097Ryla4SGsrp%2FU%2FPcfaQiu9z0T7B8jbdm9c3BjcRwRTeMeURWEhX9c4ZF2nQ1QF6QSAdCNpknY0qc%2BSOwDSscgLnnHgNjshQAnXVVdGKK5M5jI4f75hzGjU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b6ac9a16eb62c56-FRA
expires: Wed, 12 Apr 2023 11:29:20 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 0233 4 KB
5 KB 51ms
36ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 498246
cf-polished: origSize=9357, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4429
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ006SqBOCB1E37B8gHmPv43dums86yOO2nTx3a6luXgh93ldpolyXYitivvmXPCWe1sqazXjLkENFqBS8pYWe%2FHRjZU6ISX6C9aqHsdNNGXsqbAd8FMdMsLn%2FZHFurJ3yjt1XTjNde6uScn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179bf2bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 0233 339 KB
340 KB 41ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1478348
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFrKlK5%2FZorGZGOXlBMe8kJ0JIjv%2BKK1SEySzSz8JNreLbhUnRjwV3bF0gTo0jKsOG5DmlwK75y0FYFSa93qEZK%2FZ7hr0ygbjLKgAdLL93IbhI2Jxhii1b0QDJNYaU79CxPhQOcHaCf7TfA9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a189c02bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0233 43 B
702 B 142ms
90ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 10:29:20 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 0233 53 KB
54 KB 34ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 492791
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWnQWmozBElv2sodAzO1QKHpvh%2F3KQUBP0C7CyM5WoWGLWlAwWmPlka4yzysLr20nprhxYlN6TZaoHJQSeK8scnZEgNAS6ZEmze6s0cwuELrv3DdKPJriYfmgOYPJKFIV0oqehn8exsGvLlO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179bc2bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 0233 23 KB
23 KB 42ms
37ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2395982
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAuohTw93QMEvyEwp%2Bs%2BudQODf63Azv%2FBysiQKqi%2BEGVFCYTRXpp5sMC6dbGAxzfWhw%2FhDpLPdoUJSe%2FBhgzi9lthy9DCFve18NvGxDERUVbqERZ48ZzT4auhsoisG26WeahtlpYK6GNY2D7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a189c12bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 0233
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPq32aWRpP4CFcSH_QcduVAOWw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...

49 B
1 KB

63ms
23ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:20 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date: Wed, 12 Apr 2023 10:29:20 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 0233 44 KB
44 KB 45ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1769090
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pvie58gk3RlvUJl57h0WJTJ45N1uiDRLVw%2F9q2rvHYcNT8V4RzkFZZusyXPXftfWi%2Fu4qFD0edL5OTfPLvpIQSF8eKRg2DXz9TkV4uRRq%2FWKmm7s%2FBXFki2Ap4oZSv1%2Fay6o53eGohqEb2WH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a189ce2bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 0233 222 KB
222 KB 40ms
36ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=dc2863329f91d1fec0a4bd2b567c3d33%2F11314145592203982105&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360156&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h3w4q9kh8ysqdc488x2w4s28scxatzx4dsdcdq4vwx7n63z3j3gcbjy5g3wybm6dzr5s5cap8vm91mqrw7srg5z6wsqjbqd4pg0hgtnp7d37jfbavhs14s71xewwbjt00zy6m5v4sgw6rrr0rnkev5xs750ngawzzv865t2cqjsvdx9tk3ac4drha7qge00tj7y60p8a5esej88c6pejrbsta8shv9vty7pk78226f7srf3e53seqfgzqr5kkemtv29q61x12wkfvdn67fkdww2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZjrk_4c2ZKzHIoKKjuwPreq8gAKQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HswVuNS8uJIFGT3ejDFXLWRUhPAXr5r-ucBLoC_VGx0mc3juRxbzxYv_jzD-x8eqigUwnZLFCvRvctpgWcZXfWJdAlQBzBgYzp9PTVGvYflzdZRnORpVDTz1Hy-SpQ5bl71iOo4L1ErzC-kWn1fHA4Ni-DmPMqDYiLAECcGQBajKeDjRhvcK1qf8ZmwLK6wnint3klC46FeenWojT-2Ki_jZ6oP5jhIzkUFGUwuHFPazDfHTOfoklLz8AKmlZ-yP2ffSAOP_MUWJF774NFQrLWx_V8stNXLdy0RaOjtLYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0a005ZJ7j1ABpMkU_0bC4KY-a00Q%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 492785
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVv0NHIlSRv7XW4CvQ37YyJVjw%2FHZX%2B202U8u8B4ZeCQcpfMWwpYMxw5n4oevvukGy%2FpNafwY3OR%2BhSfo%2Bu0ReujHMdRnLNcD1agHT%2FRJoyXPhs5uHt0TCeo6Sz2SydKYKh5grXJqIMvVyUu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179b32bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 0233
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1681295360_e2a8ac12-d91c-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

0
473 B

117ms
23ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1681295360_e2a8ac12-d91c-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7b6ac9a30cb9906c-FRA
content-length: 0
expires: -1

Redirect headers

Date: Wed, 12 Apr 2023 10:29:20 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1681295360_e2a8ac12-d91c-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 8150 94 KB
12 KB 24ms
22ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 84279
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtEZvSUzcBY6J8seDo6Wf9L%2FprZLwAKjG7YCTf5MoUjxgjwYZlO%2Ft3GwZAalGrYLAJSge0ViZAq1CpnE3RD56Te5JwxZdUWfjpkG5y2MMGb0gU5Z8d%2BBVFXCKBTtyQsC2H1WXgk9QHs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b6ac9a17ed02c56-FRA
expires: Wed, 12 Apr 2023 11:29:20 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 8150 5 KB
5 KB 47ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410132
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ%2FJ46Jo6jTD6Ftp4O9ZmPzPPaa8TY1NfERcgLl%2Bfc2AyRMilh1zCevyoPljWV%2F4Sctezy8fZ650ok3vrMXym8HmJliRe0Pbq0odjbBO7WzQyR6RcRKlROZvHoYrCl2OqIdDDbQK2GShv9U1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a189cf2bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 8150 54 KB
55 KB 30ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2388874
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0rCOT6PpcViqf3P0guVtWVfz2r9EfbgSBfxtk3JyT5ZhzBGhEKYiEGnoUCTEMYua8OIKzwHL%2Fhx%2BXbaufiNu4aOl3%2Fzt35%2B6Z2XpeSUJpPJqKAKzVmRE6T3KL2ydFQnUzx8olBd4zN8c%2BcC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179b52bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 8150 127 KB
128 KB 39ms
36ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1783388
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDekWIgI1mzblK02T%2FsY9h8EgEfY4uLhsJD1LWuxPaAU1MRcJIshHigrpzoDm4kD3httvKQVGRqbMlWUty1DINMxSt83ur0TAwtHvVyUzCYOrKLMYGApPQSTrjTtGpzAlW8yUSDC0MeS%2FzKj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179b72bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 8150 461 KB
462 KB 38ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1287900
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=env%2FkEqeYUcEB2meQ%2Fiadn8%2F%2B8S0oBlFSqg%2BviXXITFEZvMj7oIokx7JuvDBKMCMCEzyp2m1RnK5Nn%2FSnuQZAp1wQoZ1IsqwvSqBTEZAnei8LAHzkowO3WFcK2iK3xNFF8GIQgCGqm6vOVY4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179b82bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8150 10 KB
10 KB 38ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1017667
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDvmgCYnabeoEfXN1nMYbioEUz1uB5v%2Feysv27CKw2N8LLkyKsqSkYVvs5P2W3l7jNQsE8z1ukmjRDi99dttb13kuDrO2JJ5PfiraBfP7aFNZB2f0jyh3fMWgOgxNTu7TaZ5T3PCNCJsfo4h"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179ba2bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2 200 9BB8922D4DC6C9A36B8D83900BE3C417783CEBF3EB448A8A5E268471F12FE38D3472246CD214F7655C16CB473EE4650902292819B5437B86E630B9AE33E0BB1F
assets.ad4m.at/product_image/ Frame 8150 67 KB
68 KB 35ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9BB8922D4DC6C9A36B8D83900BE3C417783CEBF3EB448A8A5E268471F12FE38D3472246CD214F7655C16CB473EE4650902292819B5437B86E630B9AE33E0BB1F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a868642fa5a7a4692ff83f60cf0f26a6717c5d6a6cb6d550e798462a38a66880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 492857
cf-polished: qual=85, origFmt=jpeg, origSize=151815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68606
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Sep 2021 13:52:46 GMT
server: cloudflare
etag: "a62d41b78511a9833569245cc89b9e75"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7oV39Sxj3okSMxfQ2HevIpxU8FzLP8m5E9Fps14am8a4zOGHqCkUd3EGuWKNgPWgOQ4cBahhvYW%2FALGN8JdFZUk2PAg8fW2%2FSwiOz6NUHn1lJdglZcNlw%2Bk1dbLp61Bxtdw3P%2FLoTzkfa3U"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ac9a179bb2bd6-FRA
expires: Thu, 13 Apr 2023 10:29:20 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame 8150
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actio...

0
630 B

76ms
14ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Apr 2023 12:29:20 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 12 Apr 2023 10:29:20 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF0ACA:8934_91EFC182:01BB_64368800_1CD2EBCB:C02A
X-IPLB-Instance: 40028
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 429 link.html
track.webgains.com/ Frame 8150 0
0 243ms
33ms Script
text/html 35.176.154.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hfxj2ytxr489cm74wfp9555zz047mbtd97erfrt4yp99etmmw40mp0g73d55rtkxanakd9rxt3c22a8rg2kzsk5jjw1nhx6dyjb43x4g3eqfrp9a5atnt9gjds96hw0q5bb79xnnd4actsrs16m1pm4sarrsehztqyj3rb1x2yc0n0he4x7ckcb3tnfg0zxt1q813px954mvfgdmywcspayryh90bgwvyhtqxyj4fn442c36js7akhgy31hjk395z0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%252526client%25253Dca-pub-8847092362748368%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.154.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-154-189.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8150 1 KB
2 KB 272ms
62ms Script
text/html 35.176.154.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hem791zq1ft4731yt8aasd9fv0krk90g1kyr05xyx8qhhrjcqsxp5051x2grtj1bdn27hjdzfym36m1dp1gtezwzr74d158m172yp1secr7yme4ashcbbyc239zqgd4g91c5rw60r6y3br2rf77n64ss717fd5zpya0x6q1rwpvfe8txvc21rter4xb2wgp084yp3gwrjjfp12pe7kzm6d0m98nvbfe7g9f69hwthmy900dykd8kgpzsdvs2jab5sng%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%252526client%25253Dca-pub-8847092362748368%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.154.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-154-189.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c9c9d9682ca99bc472408bfdb1b7efd6638057dffb81c2ab1db00212c8045ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
last-modified: Wed, 12 Apr 2023 10:29:20 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 12 Apr 2023 10:30:20 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8150 85 KB
31 KB 113ms
8ms Script
text/javascript 65.9.95.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hem791zq1ft4731yt8aasd9fv0krk90g1kyr05xyx8qhhrjcqsxp5051x2grtj1bdn27hjdzfym36m1dp1gtezwzr74d158m172yp1secr7yme4ashcbbyc239zqgd4g91c5rw60r6y3br2rf77n64ss717fd5zpya0x6q1rwpvfe8txvc21rter4xb2wgp084yp3gwrjjfp12pe7kzm6d0m98nvbfe7g9f69hwthmy900dykd8kgpzsdvs2jab5sng%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%252526client%25253Dca-pub-8847092362748368%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-34.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:54:04 GMT
content-encoding: gzip
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 70517
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: td1sfaPZqZnxcHLOJGWDhqyb_jLNvxEvru839o8ST4k_tgIh_lEZYw==

GET
H2 200 link.html
track.webgains.com/ Frame 8150 48 KB
49 KB 90ms
89ms Image
image/gif 35.176.154.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C34719&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=250&e=&g=d902811378996205a1b53ae0dc896434%2F3719006060709946258&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681295360165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%2526client%253Dca-pub-8847092362748368%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.154.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-154-189.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:20 GMT
last-modified: Wed, 12 Apr 2023 10:29:20 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 12 Apr 2023 10:30:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A5D2 4 KB
618 B 39ms
27ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 10:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 10:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 10:29:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame A5D2 2 KB
765 B 20ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:38:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A5D2 0
0 61ms
54ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgXA3_oc2ZM6vBMqPrAT9r6vQBb2Npq9vn8yvrL8O6p_coNQBEAEgkLCHE2CVqp-CsAegAbC6odcDyAEJqQK8b4nKxliyPqgDAcgDywSqBOkBT9CDogTKS7wO6SW7AW2mnlybrkR9og6_dGd634o7Y5HZffCN8SMsbp0nbACr7Axbswl1KHU0xHZ5wMJDCjsquTx2ERr4G4jvhwcbWdVAA7f07z8RvRojzAluWP8VWK_sKl_6IhZyH-BmGvj1Fb3RA_UMzl-f9YQgdB_dyPEO-P7tQukNe98cEKDwnCG5nwLVRtiEvUixoWrQZejnKJnuJGWgcjdTUMQfk-urEdAjY1-6Aib1SqL3guRctPCVZ9yz9A5hTN4547nurCs4LvPSx66nnKnFeQwvHNJPlE1YJ2YjU82hlIBD7yDABKmcqargA5IFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcFEIazigHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=hROBUhWgUEc&uach_m=[UACH]&cid=CAQSSwDUE5ymAl1x6SUlOkIsjKd6OIB7Yt24BbhfrvZIhd2FIsQfRGZu-Eiey4fqLai_Z0V15liz-JYhVHOpHpNVIChMfTZe2x-2hDlkxhgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 10:29:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A5D2 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame A5D2
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

31ms
25ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 404648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:05:12 GMT

Redirect headers

date: Wed, 12 Apr 2023 04:40:51 GMT
x-content-type-options: nosniff
server: cafe
age: 20909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 04:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame A5D2 22 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame A5D2 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 06:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame A5D2 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5D2 159 KB
49 KB 542ms
540ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:29:21 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame A5D2 33 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 07:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 07:19:29 GMT

GET
DATA 200
OK truncated
/ Frame A5D2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56cc83aaa6fa485322607a2bed49667b25cecee3f9d658daa440afcf5ea51960

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 106E 16 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 86297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A5D2 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 86297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 85ms
59ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230410&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5401c1998ab816e1acff95be1ce02a463a96bbbc155e45339f2a0acc2c323ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11309
x-xss-protection: 0

POST
H/1.1 200
OK printData.php Show response
redirecionador.info/relacionados/aereo/ 7 KB
2 KB 255ms
237ms XHR
text/html 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/printData.php
Requested by: Host: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/requestData.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash: 4c3d217e121f14401fd4763cb559435eaf76f331644b595fba6465fe34059dc0

Request headers

Referer: http://smiles.iclou.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Powered-By: PHP/5.6.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOVTgG0dUdSk3pemjrjCTy75oH%2FGRC3YmJFpXJrUz5WyowGobLu10gy4Iv4Zo4Sg5wh%2B1kDwdYYbsnArqPytX0A3IHR3ZGiAx2WgBeQtobc%2B5iaW5F5kntXrqoo%2BzUGDFV5%2FGs%2BaAh1daYAZhOPeW5AJ"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 7b6ac9ab1f6b8ffa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame B89F 36 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 18:46:22 GMT

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame 24FD 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1681295358&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1681295358011&bpp=1&bdt=585&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6615b8c7c842abdc-22f391758edd0055%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w&gpic=UID%3D00000bd502d0b624%3AT%3D1681295357%3ART%3D1681295357%3AS%3DALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ&prev_fmts=0x0%2C770x280&nras=1&correlator=4428690245185&frm=20&pv=1&ga_vid=1068648059.1681295358&ga_sid=1681295358&ga_hid=1698769956&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773810%2C44759837%2C44759926%2C31073793%2C31071269&oid=2&pvsid=3256792158418300&tmod=1561216736&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=fcpATTfosI&p=http%3A//smiles.iclou.com.br&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 18:46:22 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8150 16 B
232 B 62ms
62ms Fetch
application/json 18.168.95.84

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.95.84 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 10:29:22 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 448ms
26ms Preflight 18.168.95.84

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.95.84 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 12 Apr 2023 10:29:22 GMT
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 10:29:22 GMT

GET
H/1.1 200
OK livelo.jpg
redirecionador.info/relacionados/aereo/ 146 KB
147 KB 455ms
454ms Image
image/jpeg 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/livelo.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3954951fab3308819245253a893dba74d4e3107fb5544392f13712e01b7caf25

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 149972
Last-Modified: Thu, 11 Feb 2021 15:59:44 GMT
Server: cloudflare
ETag: "60255470-249d4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vp4GCcrtau4tKSUf2IIRiFsaJOIOV03d2cW5EYSnQF7ufl6fUS0f54748JanjtKncJiZLpaOgRhg9U52DTx%2B%2BZRFg6fB4xHcUL3%2BPBi2WeMYkWQYMAuJArM%2FEkpTdSlVDXuvHl8gYoesAfXyTi2gd%2F8n"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7b6ac9adcea20368-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK azullinhasaereas.jpg
redirecionador.info/relacionados/aereo/ 35 KB
36 KB 348ms
339ms Image
image/jpeg 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/azullinhasaereas.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e55453f8187a47dad63c4d8583549a4670733a135ad27e923d83ad3725d94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 36226
Last-Modified: Thu, 11 Feb 2021 15:59:40 GMT
Server: cloudflare
ETag: "6025546c-8d82"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvtsa%2BCi7rMkqABNeMZnpOjQwyV%2F2J1mpuHV%2F%2Bq0YvE0eh655J8oKlxZJZ7ENXyDq6pezyH2adQ6CHuaKhdsxtbK85QGhAcEhSc%2BCRnBHG%2BmFcNUirYtI61Bq%2BucpE7gxrqlD%2BluiC8V%2BRxFIp9EhXWn"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7b6ac9addf79bb37-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK petrobraspremia.jpg
redirecionador.info/relacionados/aereo/ 60 KB
60 KB 459ms
450ms Image
image/jpeg 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/petrobraspremia.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef1f0738a69cbdef8dd01eaa1d5f01a3887b51637b01edacab04f10a6f2e9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 60947
Last-Modified: Thu, 11 Feb 2021 15:59:39 GMT
Server: cloudflare
ETag: "6025546b-ee13"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTBceMRGn%2B%2BqrvAJAcfsyoNn52ts6ahrXXcUh0D252ZgRBfdtxsJxjNlIinI2iVEENIahoUp4KXyvOakhrGe5hxsML76otc3GIGrHUgpIJ7r0WNuJgFUm0%2FBZcdef68s1dVQoSLI4V%2FLxvRSZmFnJSWj"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7b6ac9add965362f-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK smilles.jpg
redirecionador.info/relacionados/aereo/ 46 KB
47 KB 467ms
458ms Image
image/jpeg 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/smilles.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0480d5a0a6710fa9b3636c890beda2f7a057d3ad3e01facda4486ba8b6066d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 47112
Last-Modified: Thu, 11 Feb 2021 15:59:39 GMT
Server: cloudflare
ETag: "6025546b-b808"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQMtv2QtiGxKkLVTT%2FibjRcKFNlql2JU95mhNoPk5rj1O6qtzVT3p81SXosmIMlcmqN4ElPWyCbF6uTDm0JilbG9bF8%2F0jaLDCvMLyX5SBCPI2ksRXVC819QHsXcB2dpsv1j27MjCrCqBdsuVL0tA%2BEB"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7b6ac9addf969a0f-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK latamcargo.jpg
redirecionador.info/relacionados/aereo/ 53 KB
54 KB 47ms
34ms Image
image/jpeg 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/latamcargo.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe983c6bb37456c846ef1d5224c2b04b191518fe21432d2962460f0f516e8c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 146983
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 54159
Last-Modified: Thu, 11 Feb 2021 15:59:42 GMT
Server: cloudflare
ETag: "6025546e-d38f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99NKy%2Bi99BPEVHEPKzPdw%2BYLv9s8%2BrBlg5XCk6xoT4wJ7gnqzMZWLuFrt8fRz20a8a2RB2kZCCRYbUfZqNce7iW%2BZLn7Tcq5ktWAJer%2BJdghsvEPerJa4%2B23cbpsUKQ6iJ9UDnnX4SIeqzcqTA2UQA3u"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7b6ac9adef6c3802-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK voejet.jpg
redirecionador.info/relacionados/images/ 112 KB
113 KB 46ms
32ms Image
image/jpeg 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/images/voejet.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711d406e599b1434376708ae019fa188106c48bdc73b5a6d5b50855f9030dfa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 10:29:22 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 181535
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 115187
Last-Modified: Sat, 21 Sep 2019 14:23:54 GMT
Server: cloudflare
ETag: "5d86327a-1c1f3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQNF9u5rbtAtwGYusYLVr4oxhJXOAz2RfQLpsA%2FzTaKqWGDmbsbdajQ4oZSvXAKFvwB1dQCLp4AJMF3LK2KvHGr9Czo%2BzKQZK5LOj9Me7UjwjjEH83FtWVf1AAzVT4jQoW%2FMpjG6vIc9Gj%2FBfCBltDFd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7b6ac9ade9372c2d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 29C8 13 KB
5 KB 15ms
12ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 09:45:20 GMT
expires: Thu, 11 Apr 2024 09:45:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6AB1 783 B
535 B 20ms
17ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86a03efc0094c822a234ad1398bc141d6ad07a86dd31bcca4f23e20fb1dc12fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZVmbxr2WEKkJvrgiW_2jXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ZVmbxr2WEKkJvrgiW_2jXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:29:22 GMT
expires: Wed, 12 Apr 2023 10:29:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6AB1 0
0 44ms
43ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230410&jk=3256792158418300&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame 29C8 36 KB
14 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 18:46:22 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 29C8 0
10 B 164ms
164ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w48bNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:29:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2CCC 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdm_-vnoQeQY3AGhjJXhryt_9Cs5ZnVMbLEofUg8VB5j8NeiPKqYm-Bt0bkfORhywQrhzTXC_2h8BfL6lKLwJvLiWZQgeNv8NVvzCl7mNsZ7kZ20z5RVa2EDZsq4dXm3x8DGJq5g&sai=AMfl-YRI2KRt-Iu-EUOvrcTR__ojCBvzD96eDyU_476ydFWo0bjPHhoPcscxPqH-pTfZUas-UY8nA7hrMRTV&sig=Cg0ArKJSzPR7nWuS_QirEAE&cid=CAQSGwDUE5ymKYUYgXH8QJq-M9stkX4_o02A20FNhhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1681295358646&rpt=3060&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5D2 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuO6RWBJdDLvB8FsoENz5m9TgAjI9aAp9vAqVo3ySRFGXcwQIDaKRgk-pJ3BJvLRCzxEWrKlL5QHmQbzvws_G9vgo-kCzu7KF-mWmUCdoumYky0gS_262Su1ii5ZkEsQw4XFSRJFg&sai=AMfl-YRa37EcjumSfZemgE8AoxMNrerY02upV41MZv_AT1b5TpXVBeAeVEuzcKAKJjRJbciU3htdJyphei6Z3ErKmSJKhwfN_kGkzVB7w81ms310ObkSLwUyTcYeBYM9OrGqSky4dMmaJzwfP0sN&sig=Cg0ArKJSzApMzIFxuR20EAE&cid=CAQSSwDUE5ymAl1x6SUlOkIsjKd6OIB7Yt24BbhfrvZIhd2FIsQfRGZu-Eiey4fqLai_Z0V15liz-JYhVHOpHpNVIChMfTZe2x-2hDlkxhgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=291284351&rs=2&la=0&cr=0&vs=4&r=v&rst=1681295358033&rpt=3721&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 106E 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstde4E9MgCtW4_3pvMjp7cXghaR9tF0J7_TVQjnJ3L6J0cyvb2tkq_Uy2qmj0nyzrNx_nYBb6pDYVFAvtbWsonZfdJi3YydnCxgGDR9CTUVGhTbJVccP_qfFRjTWnPfRMUEc4RCmg&sai=AMfl-YRHNM01iQmHBeGZqnbCoQGPF1iiC0r3k9tVMUxk1zF9M7x1-3VVOUTbN5JeGO8RJn9UCXq-9Dn5qrpKUQZvSIUieGJCeUML6zuJDbMj9knc2VgQUmoFjjoLbT8XDgrK-Gezdy6a3GIWc1zw&sig=Cg0ArKJSzPgBUzOrorWbEAE&cid=CAQSSwDUE5ym2FsgKVnVTY-9tlsYVUCgGA5LkeFhfWw0UolT_0Vxqc6sQn7PhVYPdDqL-4WfuFESd_p_zssz-3IVDOGNOv3RMcdFTeRYsxgB&id=lidar2&mcvt=1004&p=0,0,280,770&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3582736694&rs=2&la=0&cr=0&vs=4&r=v&rst=1681295358024&rpt=3719&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 10:29:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230410&jk=3256792158418300&bg=!BwSlBFDNAAYIJb0jKCU7ADkAdvg8WpCc81NH7R7khowTaCX3QV1Rspqgbu3mfMaOGW01Ff-SRUPPJYPGkCZ7U4LcoMTjn3uBmIQCAAAAq1IAAAADaAEHCgCW8YiFxEk778VlKi0HWcAu39uhtnNhilRIF1Buo1bZm2GRjQE1E9Z757KK0LTQPmb80Cbw6aJT58wL3aZxrIrMVncgcqU1XJXvXm6mjM_gEe9Nfu1YLAQjJ9-Loi4Zn6QmKMgaYwxMYnhMeD8B_qX-S7UMaaLJGxNJcs8VC3yAZ_X0XyEgaNbTvf5HTY9ZQ5L-6I9C2E_CmQKVYZQwaHhGiUt5RZrc1E9EWQy4Q0lczvDfQNmqT78HjeNvn3n_7S1K6P4jkeMHhslhJyc3h0kaQhlilobHfBQMVQt0Zw9aFqQiff0wLo_G8QzFcg86hpSWdaZpueyCjNfLMutc1pXM3TwwdA__W3atx3GDRfeUCS3RuvT_8FrKy9ZbJ3BsoKMsmxD_na-bFh1LLXlRz2vENZ4TElORKmHCncm0PZzVPTNyyzAcyKmQBHV8J4i3bZAGBIrsOYdn0qNHBLvJhWvXjxgVXmjMlTyi5624KeDN0yxJJUwI8fDsTzOl_mWmqHeOTOlY_EP75JIe8QmSOAovuA-gcdyOBMS3gpYxJPj1_Bkz78jEuswzoW5cyd3i6j7IJEBmg2bOn4qCaYKLxTL6egmiwDajZIasZFJyTHuEUHl-I6uStRqeoOMKErnDBh1v1P7Kzag2kFfTY5xeJcce21hTRD4Qz0T9P52kNyyQs6JAUJgkq_9lGCxVMkTNVbL15mBIura34VptQy27blZ-42eud2a0VZV-zV8LFiMV9Rd2YulwFE3VvsZn54tn50651xMCWmg724GQlab8pw8Dchu4MOaVq5eBvFAvOYaY9jarBlyIk4ja1MgM4jA-8ZQu63z_tT043sM_ak774S7rd1NlCp0p0F2f9TA4mkoSWQEfx4xDN5SNEzRxrFaeiAh0XI2eBAaniOOEjbCS5SlWVqR9P_sFSqCi2oP3qrojsk6SrR1XIuzQhF29UUzvwhH_Y2Gm7RXeA_PW3ZMtNQRu6cUQp0ui2P0T6bRTeLmLnZhMEudwjXEva6bBfIrsa4XRAwi_o_N2ir1DEwL6abA7U1MDoxBtiV7-IHLBcw6ugCODSuv8kVt324zdzR-ehQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iclou.com.br/	1970-01-20 20:23:11	Name: __gads Value: ID=6615b8c7c842abdc-22f391758edd0055:T=1681295357:RT=1681295357:S=ALNI_MYh6iZ4NbE2AtPsz6SaWgYHYVr-3w
.iclou.com.br/	1970-01-20 20:23:11	Name: __gpi Value: UID=00000bd502d0b624:T=1681295357:RT=1681295357:S=ALNI_MYhsGltYRcgQp0nCPS7QbPmlB6LlQ
.doubleclick.net/	1970-01-20 20:23:11	Name: IDE Value: AHWqTUmilyxuNJJ6_yMtbXVnIifVwgRBCKMbgTyDCWCPMSG9hqo4wxz8YR_EPEf2Hqk
.doubleclick.net/	1970-01-20 11:01:38	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:01:36	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 19:47:11	Name: CMID Value: ZDaH-7iZomEeU-OiZ4ylSQAA
.casalemedia.com/	1970-01-20 13:11:11	Name: CMPS Value: 2139
.casalemedia.com/	1970-01-20 13:11:11	Name: CMPRO Value: 2139
.adfarm1.adition.com/	1970-01-20 13:11:11	Name: UserID1 Value: 7221108581848053900
.pubmatic.com/	1970-01-20 11:03:01	Name: KTPCACOOKIE Value: YES
.simpli.fi/	1970-01-20 19:48:37	Name: suid Value: 9FEECDAB395D4351B7E46432D6166187
.pubmatic.com/	1970-01-20 19:47:11	Name: KADUSERCOOKIE Value: F1BB6CA9-1439-4D8D-A9C6-AF411CF1DB61
.de17a.com/	1970-01-20 19:39:59	Name: guid Value: 1.2189999288132737821
.turn.com/	1970-01-20 15:20:47	Name: uid Value: 4299351178937857441
.awin1.com/	1970-01-20 11:04:28	Name: awpv20044 Value: 412871\|1681295360\|e2a5c5e1-d91c-11ed-b00f-2238801674a3
.awin1.com/	1970-01-20 11:05:54	Name: awpv11354 Value: 412871\|1681295360\|e2a8ac12-d91c-11ed-9d45-2261c3620022
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1emx3lvowjdvxmwxc0nz1ybj
pb.media01.eu/	1970-01-20 20:37:35	Name: DTU Value: 36F535F72AD787E5DF3EFDFCE70CDAD7
www.conrad.de/	1970-01-20 11:05:54	Name: HTLP_timestamp Value: 1681295360492
www.conrad.de/	1970-01-20 11:05:54	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 11:01:37	Name: __cf_bm Value: XlAL8p2lnsra0XL_30unBXfo7RZ7U3CQubIxBaUnTsw-1681295360-0-AQn9PECFKxh4jHPv23XeqebnR/wqjMiigWKADSn+NPIftxnq2O18Ov7lM8b37ZKcc7ewrb3kbu+zujW4EHzFo8A=
.o2online.de/	1970-01-20 11:11:40	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MTI5NTM2MHZsZWExZGUyMDIzMDQxMjEyMjkyMDgzNzk3NDc0NzA5WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZlh6WHM5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMjAyMTE
.o2online.de/	1970-01-20 11:11:40	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 11:11:40	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023041212292083797474709X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MTI5NTM2MHZsZWExZGUyMDIzMDQxMjEyMjkyMDgzNzk3NDc0NzA5WDEyMDIxMVYxMjI2MTMyNzAyT

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hfxj2ytxr489cm74wfp9555zz047mbtd97erfrt4yp99etmmw40mp0g73d55rtkxanakd9rxt3c22a8rg2kzsk5jjw1nhx6dyjb43x4g3eqfrp9a5atnt9gjds96hw0q5bb79xnnd4actsrs16m1pm4sarrsehztqyj3rb1x2yc0n0he4x7ckcb3tnfg0zxt1q813px954mvfgdmywcspayryh90bgwvyhtqxyj4fn442c36js7akhgy31hjk395z0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hmyt4yyjgc38b08n3gm7ee6c4754e13dtd981fgzs23a4tzn2h37p0btjjx0rc1sq7czwjzzgsk7qjsv3dnse82e76dvdna9pr6hjpf909stcky6qnxkdm0hzm8egc43zw41sbkmv0554bkjvmsff6f94pq6p0e7xmvvkw5wphcgnfpaahs1dmysx6yjp2kcgfwydpvcv3jvp2192bkc3wffx84j796ztjvkp94jf535n2qkny0j23w6vp84k4df1zy8j4j596g7z1tfqe8n5yp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmHRs_4c2ZP_KIqOGjuwP1tSO2AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQK8b4nKxliyPqgDAaoE4AFP0HRi7kwjQFyy2-TkdZCUl0_0vPAykvIcgTs5MIKtMHX2UJV3zHYByrKewUyUItU6tG_BbocnnraA_QYU0hb2B6WT5RroYRHMK-ww-d5lCRoKCKpwmZU2hywgkQGRvJgWFtsTx5PA076BkjS405AE2AwSeoVvpRRxMehUUTSf0iRGkzjMCbGG4hrleySCSB3nDY8rsPnneb_PghRjfqu4uvzbJQvOVlzEOt9E-1IOWcCxCv8ANE_C0wp-EHHa8cws-T0ORjFlTBHd95De82YA9wIxC34tZdtwjoQKIEma04AGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Er2VEE7pk5cgwRN9XqZMZ0V0yYw%252526client%25253Dca-pub-8847092362748368%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.jsdelivr.net
clients1.google.com
cm.g.doubleclick.net
contatonline.com
cse.google.com
d5p.de17a.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
redirecionador.info
smiles.iclou.com.br
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
voesmiles.com.br
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
104.111.217.42
13.58.124.244
142.250.185.134
142.250.185.98
145.239.193.130
167.233.13.224
18.168.95.84
185.80.39.216
198.47.127.19
2.23.68.89
213.155.156.180
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:3034::6815:5f5f
2606:4700::6810:5514
2606:4700::6812:7f05
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
35.176.154.189
35.204.74.118
35.71.131.137
46.228.164.11
5.161.90.154
51.38.120.206
65.9.95.34
84.200.5.215
85.114.159.118
88.198.250.30
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0253f8a64b29e7ded039acdc74509864353fd7a13b2252d7bdebd92b16c639f5
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b58a78958f0cbe48e2f899ef655ef235807a8bdf335eddd7593c909e036c77
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
191e52dcb4efe1253e5c5aeb09e0e87844c2a66d13a15d3103a567c7a28e2a29
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f34c3f13f66b3a23c55a85cd3a1a90fe0e6db110bb09717384b1cc0ec353528
1fb9f498acb08b2c6b94cbc2e80877bb649741516e98b9244fe6688ad1d4a22f
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
363aa9e7348d7355fe9390ce4839ab227626baccc3732cdc84b2a14957b2f69c
3954951fab3308819245253a893dba74d4e3107fb5544392f13712e01b7caf25
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06
3ef1f0738a69cbdef8dd01eaa1d5f01a3887b51637b01edacab04f10a6f2e9d3
40be1e0b85097b09fcecdd1fdd39eb639cc3f9c701438e7cea47a152bda60320
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c3d217e121f14401fd4763cb559435eaf76f331644b595fba6465fe34059dc0
503d2b5415c06554bfdef41bed533f0e64ecda261cccf952df893a00f6e88b49
5401c1998ab816e1acff95be1ce02a463a96bbbc155e45339f2a0acc2c323ae4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c
56cc83aaa6fa485322607a2bed49667b25cecee3f9d658daa440afcf5ea51960
570de34421bc6bb0e8508ccd87ea8e21d8115b941d069a633d602d2121945be5
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
67c94f40f6a1ef4386d12289f3f3e435bde7d4de7f4d23ea73320e08d77e203a
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
711d406e599b1434376708ae019fa188106c48bdc73b5a6d5b50855f9030dfa5
720ae6009c1f8f0df7358e9fed36a787f6689191d6bb8473e5681a86ea861cd0
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
80a95843d533312b29371724263d11970cdaf3504c504188570ef09376e0af58
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb
82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
86a03efc0094c822a234ad1398bc141d6ad07a86dd31bcca4f23e20fb1dc12fc
875d781437d62f92873f51b8ec758a7ba82151dc4565da31c93754845196f5c1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cf9649a5f837fd085ae06df4d0c8870726c8d31687d97d053e999c4066c73f9
9fe983c6bb37456c846ef1d5224c2b04b191518fe21432d2962460f0f516e8c4
a0480d5a0a6710fa9b3636c890beda2f7a057d3ad3e01facda4486ba8b6066d8
a3363af8f57042aa97c25136dfedfb50c82657ffd86d4a60e92494b6c7a6b2da
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e55453f8187a47dad63c4d8583549a4670733a135ad27e923d83ad3725d94d
a7f17a86006bd59f40220c47ca583c06b083ed1ad690ff822a3fc2de2738d47b
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a868642fa5a7a4692ff83f60cf0f26a6717c5d6a6cb6d550e798462a38a66880
a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b78a5111d5bb1388063b0fb94fda6706c4b069dc6fe422162c3616d95ee71ea4
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
c9c9d9682ca99bc472408bfdb1b7efd6638057dffb81c2ab1db00212c8045ff0
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb279259ca0a7c551467e46ce0e909298f47a1a3e9a88676e2306afb9b84de80
d0ed127b748b5222f2656cd0d287f954c99e3e5bf6688a58a68861aed724d712
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d6fbcc344f39e39d7f6b0e0eafc8b9f230fc730fc442fd8fd07fdfa7f13d3bdc
d777a67ed470f53bca616334b97d9634650b2706d6f8202b4c60cc6746863053
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dfd23ac2bc52a9b89f99dd680e63cc7983150061140c6f2473094e369dda1f7c
e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f073ab7678c07e6da6b065ecc62a4cb239eef79224760c88a98f5aae9e2ba59f
f33de0950f894167ea25b8f5b0bd41fd17ee35a77a4946626ec2ae2aa3a35c65
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee
fa47d62ccb75892c28ac5447cebf4812d07085ac2fd2d3e096926b3655b29417
fadae0525cab4833319aa32f395cf4bf50bf14072a200bd3a4101eca55b3cc38
fbf146c8d8cf07dacd52cd913d85e579f25231fa11800e8ff24789e20f8fd78c
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

smiles.iclou.com.br Open in urlscan Pro 5.161.90.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

80 %HTTPS

50 %IPv6

33 Domains

45 Subdomains

34 IPs

7 Countries

3474 kBTransfer

5805 kBSize

25 Cookies

1 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

80 %
HTTPS

50 %
IPv6

33
Domains

45
Subdomains

34
IPs

7
Countries

3474 kB
Transfer

5805 kB
Size

25
Cookies

166 HTTP transactions
7 data transactions