finanzaspy.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZmaW5hbnphc3B5LmNvbSUyRmUtY2FpeGEtdGVtLWFwcC1tZW...
Effective URL:
https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Submission: On July 06 via manual (July 6th 2023, 11:43:52 am UTC) from BR — Scanned from DE

Summary HTTP 307 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 47 domains to perform 307 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is finanzaspy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.

This is the only time finanzaspy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.222.19.112 3.222.19.112	14618 (AMAZON-AES) (AMAZON-AES)
38	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
17	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:fe00:a:e047:753:be1	() ()
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7 19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c958:4a7f:3095:994e	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:205... 2600:9000:2057:1800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.41.28.186 13.41.28.186	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.44.22 3.122.44.22	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.40.20.169 13.40.20.169	16509 (AMAZON-02) (AMAZON-02)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.240.84.191 34.240.84.191	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:223... 2600:9000:223f:a000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7780:4e56:4440:4fc2:d335	16509 (AMAZON-02) (AMAZON-02)
47	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
307	57

1 3.222.19.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-19-112.compute-1.amazonaws.com

receitasninja.lt.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

finanzaspy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:fe00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c958:4a7f:3095:994e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.28.186 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-28-186.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.44.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-44-22.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.185 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.40.20.169 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-20-169.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.132 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.84.191 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-84-191.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:a000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:4e56:4440:4fc2:d335 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	1 KB
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	532 KB
40	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	306 KB
36	finanzaspy.com finanzaspy.com	672 KB
17	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	1 MB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30069 ad4m.at — Cisco Umbrella Rank: 9754 assets.ad4m.at — Cisco Umbrella Rank: 41291	428 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	111 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	3 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	116 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	273 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	718 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 dis.criteo.com — Cisco Umbrella Rank: 608	8 KB
5	google.de www.google.de — Cisco Umbrella Rank: 4752	847 B
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 469 ib.adnxs.com — Cisco Umbrella Rank: 257	4 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623 www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	923 B
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20510 api.webgains.io — Cisco Umbrella Rank: 51644	31 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388	748 B
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169 partner.googleadservices.com — Cisco Umbrella Rank: 1129	4 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 857	489 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	454 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16326	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 922	89 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	836 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	531 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	joinads.me script.joinads.me — Cisco Umbrella Rank: 549203	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	33 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	174 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	587 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	466 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920	2 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	443 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	729 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
1	acemlna.com 1 redirects receitasninja.lt.acemlna.com	270 B
307	47

	Domain	Requested by
47	www.facebook.com	finanzaspy.com
36	finanzaspy.com	finanzaspy.com
23	pagead2.googlesyndication.com	finanzaspy.com pagead2.googlesyndication.com googleads.g.doubleclick.net b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
20	tpc.googlesyndication.com	finanzaspy.com b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
19	cm.g.doubleclick.net	7 redirects b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com googleads.g.doubleclick.net
17	connect.facebook.net	finanzaspy.com connect.facebook.net
13	s0.2mdn.net	finanzaspy.com s0.2mdn.net
11	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com pagead2.googlesyndication.com finanzaspy.com b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
10	www.google.com	2 redirects finanzaspy.com googleads.g.doubleclick.net b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com tpc.googlesyndication.com
10	www.googletagmanager.com	finanzaspy.com www.googletagmanager.com
7	securepubads.g.doubleclick.net	finanzaspy.com securepubads.g.doubleclick.net
6	dt.adsafeprotected.com	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com finanzaspy.com
6	www.gstatic.com	googleads.g.doubleclick.net script.joinads.me
6	assets.ad4m.at	as.ad4m.at
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.de	finanzaspy.com
5	fonts.gstatic.com	fonts.googleapis.com
4	static.adsafeprotected.com	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com srcdoc
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	finanzaspy.com as.ad4m.at ad4m.at
4	fonts.googleapis.com	finanzaspy.com b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
3	googleads4.g.doubleclick.net	finanzaspy.com
3	d5p.de17a.com	3 redirects
3	www.googletagservices.com	finanzaspy.com googleads.g.doubleclick.net b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
3	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	onetag-sys.com	1 redirects b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects finanzaspy.com
2	ib.adnxs.com	1 redirects googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	dis.criteo.com	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	www.awin1.com	as.ad4m.at
2	secure.adnxs.com	2 redirects
2	ssbsync.smartadserver.com	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
2	match.adsrvr.org	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects finanzaspy.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	script.joinads.me	finanzaspy.com script.joinads.me
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ups.analytics.yahoo.com	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
1	tr.blismedia.com	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
1	r.turn.com	b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	google-bidout-d.openx.net	oa.openxcdn.net
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	finanzaspy.com
1	sync.mathtag.com	1 redirects
1	mug.criteo.com	finanzaspy.com
1	id5-sync.com	cdn.id5-sync.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	receitasninja.lt.acemlna.com	1 redirects
307	69

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
joinads.me E1	`2023-06-17` - `2023-09-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 41 frames:

Primary Page: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Frame ID: 106C836404B211502F82C809F6650B8D
Requests: 147 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html
Frame ID: 336308690A87217D52373C141C69A610
Requests: 1 HTTP requests in this frame

Frame: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA3F8470C1F4F8741997A18DB9D62551
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060780421721333&output=html&adk=1812271804&adf=3025194257&lmt=1688577888&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688643824303&bpp=5&bdt=1672&idt=282&shv=r20230628&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=202269717543&frm=20&pv=2&ga_vid=380639831.1688643824&ga_sid=1688643824&ga_hid=732917418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075780%2C31075849%2C44788441&oid=2&pvsid=3537348392657576&tmod=525144901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: 21F0B2038076EE89123D1353EAD41BFD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=finanzaspy.com
Frame ID: 9A1AB37BCFE53C9BB4F9DD19E60862BD
Requests: 2 HTTP requests in this frame

Frame: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E402998FE8F49392D66B2E70B83ADFB
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D
Frame ID: BEC73080B1911485AA709C744D08E9CD
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js
Frame ID: F0B9D1B0891B1F08DF1CF2A640ABAD91
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80F25DA9A9B9D2DC34DDA793D1172F72
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A406AC30815A222BA6108613F2730331
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 212579A09A98E9CF16EB43E188F2C48E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Frame ID: 9C4150BBF4EE7985640E606FE79FB065
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4681A0FB3E2585157078E411C9853350
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4837995B5C88D4E5BBB5DD2A517E0576
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 80C11E49E3AD70D6AABEC212004B5766
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 251E733223582CD08A913DF20CB6576F
Requests: 1 HTTP requests in this frame

Frame: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 77EEF8A3C0E6C0A23D912ECB5EB74E7D
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_sGa7QEwAQ&v=APEucNVF664w4GrvzsDok0bOMxcMcuXIUAb3uEqTwUnN5uH2OQqiQA-5G8WKwNDXL96qjtO-VxfMBGkKyfSwxOoC3DAs_ferYyzjygQxkt7Dp3AAZM15yRXnsKForgxYvaCj76KwIkHbrTHrJ3gN-ppYzio_ZGx-ibFWOODoh0OC3T7a9Z38X4U
Frame ID: 89BD68B427490C96DB4B94E5573416EE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA5458FA8E82108B57AF03F45033A67F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66BB340C7798083A6C1F580067474F7B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250
Frame ID: 5C65CF36C554BC57A0B43039886607CE
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 540877B92ED5FC0B07F18E054AA79E51
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 93AC2141DE03DD2280FD21C18EFCA291
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 316CAB5914C0129A122A8DFD3E9F5AC4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 659D235F35F9C000941CE3468BC5454B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A9206E5F2A311908CC14249349F04991
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3DD8D03DF47E86D553C3F28ECA7FEE54
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7C90D00C54EFAC876D08BD7C507F8352
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9F00631BA413E50B51E26192AE8F164F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0DD944A349EB4D2F3D6D080FC65880DF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 46BD99089BC9C90C36C7A2B365144DE3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 588C4C2C90FE7FEE4C1A8CC1D6E0C6FE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EFE13DE04BB54AE46624F82C04063840
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AB84C1683CA39758FE0E2921E472AE0F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7EC324850CA0612D981F6813D90DDF08
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8FEDA822816DF10B234D3D3CFA0BFA1E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5A54718A5C94C8FBCCCAB3FC7D4BE27F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C08309796FB76CAAA13D185B7B2B8CD0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9B36425A97AF3029268A1D786F6BDA0E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C1BBC05A86040FDD32BA7B8FD7D2C788
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 004A5A026F140A5660A8CD32A4CDDE28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-caixa-tem-app-melhor - Finanzas Py

Page URL History Show full URLs

https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZmaW5hbnphc3B5LmNvbSUyRmUtY2... HTTP 302
https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_ac... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

307
Requests

93 %
HTTPS

55 %
IPv6

47
Domains

69
Subdomains

57
IPs

8
Countries

5059 kB
Transfer

14646 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZmaW5hbnphc3B5LmNvbSUyRmUtY2FpeGEtdGVtLWFwcC1tZWxob3IlMkYlM0Z1dG1fc291cmNlJTNEYWN0aXZlJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNEM19hY3RpdmVfZW1haWxfNTM2Mg==&sig=AZFsPdg1GNvYg4jTCbsmyZ5dxdN3gweAWZwiUcgkcu93&iat=1688593561&a=%7C%7C254169999%7C%7C&account=receitasninja%2Eactivehosted%2Ecom&email=mpv%2BQTK9nUMhGLXM9a7oW%2B2VcXGyqa6RhdcgHfAep8D7ICZEbAKDAw%3D%3D%3AJKLVeSI85GeYOvqontsI1ejLn1CDgkqZ&s=9c5abcf148f2c227467e0666b5583868&i=1939A1937A1A6611 HTTP 302
https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8KimZOfFDJjqZaySgcAK&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcldVREJwb3ZkSkJERGE1T1dHQ2ltYXJTSE1FazZQeG9XNmxMYWM4bW4xei1YWndWMFE2NmY2WSITCOf9rLqA-v8CFRh1GQodLEkAqA HTTP 302
https://www.google.com/pagead/1p-conversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcldVREJwb3ZkSkJERGE1T1dHQ2ltYXJTSE1FazZQeG9XNmxMYWM4bW4xei1YWndWMFE2NmY2WSITCOf9rLqA-v8CFRh1GQodLEkAqA&is_vtc=1&ocp_id=8KimZOfFDJjqZaySgcAK&cid=CAQSKQBygQiD0KI0yFQl5icSUUyAIL1ZdSGIYcDMhe4XuBZu3J_pOvCBFCW4&random=1427606730 HTTP 302
https://www.google.de/pagead/1p-conversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcldVREJwb3ZkSkJERGE1T1dHQ2ltYXJTSE1FazZQeG9XNmxMYWM4bW4xei1YWndWMFE2NmY2WSITCOf9rLqA-v8CFRh1GQodLEkAqA&is_vtc=1&ocp_id=8KimZOfFDJjqZaySgcAK&cid=CAQSKQBygQiD0KI0yFQl5icSUUyAIL1ZdSGIYcDMhe4XuBZu3J_pOvCBFCW4&random=1427606730&ipr=y

Request Chain 80

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=3ZB0COzR5ZoYEOSW4sUp&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8KimZOagE4-qZY_bvrAK&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcmVPRmFaZy01b2E0YzQ0NTdQVGctYktRNm90dWI3Xy1LRm0tTndNa19abzUxZXYwbXF2Z1ptSSITCObYs7qA-v8CFQ9VGQodj60Ppg HTTP 302
https://www.google.com/pagead/1p-conversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=3ZB0COzR5ZoYEOSW4sUp&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcmVPRmFaZy01b2E0YzQ0NTdQVGctYktRNm90dWI3Xy1LRm0tTndNa19abzUxZXYwbXF2Z1ptSSITCObYs7qA-v8CFQ9VGQodj60Ppg&is_vtc=1&ocp_id=8KimZOagE4-qZY_bvrAK&cid=CAQSKQBygQiDPeqUU5O-Oegvki-iuAV_cX1HdYUqt6SYSbOKQesR-kNTA3k3&random=145206773 HTTP 302
https://www.google.de/pagead/1p-conversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=3ZB0COzR5ZoYEOSW4sUp&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcmVPRmFaZy01b2E0YzQ0NTdQVGctYktRNm90dWI3Xy1LRm0tTndNa19abzUxZXYwbXF2Z1ptSSITCObYs7qA-v8CFQ9VGQodj60Ppg&is_vtc=1&ocp_id=8KimZOagE4-qZY_bvrAK&cid=CAQSKQBygQiDPeqUU5O-Oegvki-iuAV_cX1HdYUqt6SYSbOKQesR-kNTA3k3&random=145206773&ipr=y

Request Chain 86

https://oajs.openx.net/esp?url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rid=esp&cc=1

Request Chain 91

https://gum.criteo.com/sid/json?origin=publishertagids&domain=finanzaspy.com&sn=ChromeSyncframe&so=0&topUrl=finanzaspy.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RPVXr3x5UGM5UDNKSVZhVlhUKzJuelNmdDJrZnB3UElyZ3lKOEpUeFlyd1NkTXdSWkJGRFVVQkRxWDZSeCtUaTgzTFpkTHE5dCtaRjlzN0ZtakcvbUFtTGIwN3hBNkxPYnRlZTBkcDBtNENEd0M0UW5wTThFMTBZUk00OWtYZEF3U2lpUi81OUZrUUhITThaM1haTG5nYlVQV2VqQkxEMHM3eUZ1MUtJeWx4Q1R4bERtenJ5ZDlhQjZPTHNON3NtTXA0QlZUUGdLbkQwVjVFb2Y0Zlk4UDNIR2dUQWI4NnI1Q0gzenlmRzZJaHJEV2hDM3Q2SDNETHpQTmV1VHd4UklwV3ZVRXJtSW0vVHhjamZ6a2ZpZ0ZmOHJOVmFuRjNNWnF5Y1pWcHV2Qm44VlBHND18&cppv=2

Request Chain 103

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEG7pw-ageT4HOlnGPocy8LQ&google_cver=1&google_push=AaAOQGGpwOIKc9z5w2XP4tefzd1DXVE60vk7NtVzONgaVfEcpvRrxpbpTC-0rXtHgkNrKGEE8T_mhMWxJBwndEgLR-vB_hShUs6a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGpwOIKc9z5w2XP4tefzd1DXVE60vk7NtVzONgaVfEcpvRrxpbpTC-0rXtHgkNrKGEE8T_mhMWxJBwndEgLR-vB_hShUs6a

Request Chain 104

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 106

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIjFdOPZ6KTevU5T2X-E9p8&google_cver=1&google_push=AaAOQGFAvssTetpwdKBgnFq2kafYPimYlA6ZdhHc5ex2mloz6zWCc2DoJnje_Nqe9nY-qIyroBNJYvTk___nqHJ3dRhq0Nd436o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAvssTetpwdKBgnFq2kafYPimYlA6ZdhHc5ex2mloz6zWCc2DoJnje_Nqe9nY-qIyroBNJYvTk___nqHJ3dRhq0Nd436o&google_hm=eS1tdzBnSVJORTJwSGlUczhMcUwyUzlyQk15akVPX1VKdn5B

Request Chain 107

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIrqa8_7r11hsI4SPi1hX2s&google_cver=1&google_push=AaAOQGGlCob0bTT3EG5WFjQBeI8TrRsSeD8BJPquJux8sJP_LyRHdsm5ry2QGTgsD4UlYwdEL_FIHUXTCEthLDPZOGQr1QW0nVjN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGlCob0bTT3EG5WFjQBeI8TrRsSeD8BJPquJux8sJP_LyRHdsm5ry2QGTgsD4UlYwdEL_FIHUXTCEthLDPZOGQr1QW0nVjN

Request Chain 109

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKo7H85ZIYKL-3jgeQH9ZA8&google_cver=1&google_push=AaAOQGFrRB1-RgWrKQD8EScP-wES7MPt7t_KsTzjoDGfWdz12rg8CIa1vSwZwTPv4XIuYLMH3qCQQLLNOWgiyHEZ362a4rGDhReKhg HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKo7H85ZIYKL-3jgeQH9ZA8%26google_cver%3D1%26google_push%3DAaAOQGFrRB1-RgWrKQD8EScP-wES7MPt7t_KsTzjoDGfWdz12rg8CIa1vSwZwTPv4XIuYLMH3qCQQLLNOWgiyHEZ362a4rGDhReKhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D&google_gid=CAESEKo7H85ZIYKL-3jgeQH9ZA8&google_cver=1&google_push=AaAOQGFrRB1-RgWrKQD8EScP-wES7MPt7t_KsTzjoDGfWdz12rg8CIa1vSwZwTPv4XIuYLMH3qCQQLLNOWgiyHEZ362a4rGDhReKhg

Request Chain 169

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cver=1&google_push=AaAOQGGdfRErcT_I_lSQwqCskfK-T6q20vmq2cY04gXgT4rJT2gxOJs5ef1kNpmIPMetD-ige47TnkthRTJcIyT9QaU_SpnCEilurBA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cver=1&google_push=AaAOQGGdfRErcT_I_lSQwqCskfK-T6q20vmq2cY04gXgT4rJT2gxOJs5ef1kNpmIPMetD-ige47TnkthRTJcIyT9QaU_SpnCEilurBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBpdHhwTkQxUWhub0s1&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cver=1&google_push=AaAOQGGdfRErcT_I_lSQwqCskfK-T6q20vmq2cY04gXgT4rJT2gxOJs5ef1kNpmIPMetD-ige47TnkthRTJcIyT9QaU_SpnCEilurBA

Request Chain 171

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEZLQRhflzyaDTI2T6ddVs8&google_cver=1&google_push=AaAOQGHX7YgOU5mgiDdmq_nSoiq23t-UfXAaC7eR9V0brjOu19GvndRmcvyJNBTg_aLaXPujTIb0N8SLaFkaeptDsbmopoyXOCYwyuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MjY3MDAwNzI2MjY0MDI3MA%3D%3D&google_push=AaAOQGHX7YgOU5mgiDdmq_nSoiq23t-UfXAaC7eR9V0brjOu19GvndRmcvyJNBTg_aLaXPujTIb0N8SLaFkaeptDsbmopoyXOCYwyuk

Request Chain 172

https://d5p.de17a.com/cookies/google?google_gid=CAESED2IR9rzmemJJAtdCMdHM5g&google_cver=1&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGmUkdnlwM4 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED2IR9rzmemJJAtdCMdHM5g&google_cver=1&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGmUkdnlwM4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGmUkdnlwM4

Request Chain 173

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPYKrBjsvkRKRtbm-3xdUvE&google_cver=1&google_push=AaAOQGEcrkBzrRrv8j_0KRbZ85Oc1aYkDbGg1pIxjvcA39JovqOfNCf5m23kgAZ09B9j9XK6noDiv88ehGyGF35pklZGV2QzEEtgJ7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-ABsR5CvY5cjtaMG9h1kLffCKOQLUfEmv-ZysvQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 174

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEN4njK2I_QcVQs3z_1Xnds&google_cver=1&google_push=AaAOQGGnThi61S22znrS5nRF-rJhg7Z8GpiSkB9fnH3Qc48FALQpfrjLE2UyVANlVWUctOvUrZ_OvV0fPdJTOP6INs99Ueg8D0hkPRo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGGnThi61S22znrS5nRF-rJhg7Z8GpiSkB9fnH3Qc48FALQpfrjLE2UyVANlVWUctOvUrZ_OvV0fPdJTOP6INs99Ueg8D0hkPRo HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1&C=1

Request Chain 193

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKao8p-ctnlOQB7yMOCAywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_T_dG9rx6WkwLO3hrDuxA&google_cver=1

Request Chain 195

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D

Request Chain 207

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKr0ziAZ4k9LUehxv4WAH-o&google_cver=1&google_push=AaAOQGENV22FLzXZsZbxxiR2M4Rh4di5eOmUZrRga5TKTXWdINgFE-QUwN4nAZd_FDQQ3EMfpHGf5n9i07pAtrOEjipk8KH93y3R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE3NzI3NzE4NDg5NDg2NTA3OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKr0ziAZ4k9LUehxv4WAH-o&google_cver=1

Request Chain 210

https://d5p.de17a.com/cookies/google?google_gid=CAESED2IR9rzmemJJAtdCMdHM5g&google_cver=1&google_push=AaAOQGFanvJ9Mbcg_0UOF-ZvAejnS-X_BVgOi5E-GcLzkkgu6Q39MxiSooWUslBORIBhdPoqex31i4sAUEoIGHPfhV8AIAfvSXrD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFanvJ9Mbcg_0UOF-ZvAejnS-X_BVgOi5E-GcLzkkgu6Q39MxiSooWUslBORIBhdPoqex31i4sAUEoIGHPfhV8AIAfvSXrD

Request Chain 213

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELnekx6CFOJBuB_lEQoKT0s&google_cver=1&google_push=AaAOQGFSzNQtR3onrWDuEkrRNbicnY3Bk8QnBSx7PRLsSWQbnuCUMskAQQY09CNUdDacRZxfpqOtIgqsOXxNwsBlqYN831hwQo8WJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFSzNQtR3onrWDuEkrRNbicnY3Bk8QnBSx7PRLsSWQbnuCUMskAQQY09CNUdDacRZxfpqOtIgqsOXxNwsBlqYN831hwQo8WJw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 231

https://fw.adsafeprotected.com/rfw/st/1512463/71854823/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013433103&ias_pubId=pub-4894209870857905&ias_chanId=1&ias_placementId=20291930156&bidurl=https://finanzaspy.com/e-caixa-tem-app-melhor/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0j0rYNyIYB5Oii3tM7oVLrf&adContainerId=brand_safety_8qimZKXSI6Gf9u8P8bSPqA4&cbFunctionName=goog_wrapCb_8qimZKXSI6Gf9u8P8bSPqA4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Ffinanzaspy.com&adsafe_type=y&adsafe_url=https%3A%2F%2Ffinanzaspy.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2db3e06e-c8c7-5825-14f0-37ec76d4e0e2,c:hAqWit,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-876tf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tJehphA+11%7C12%7C13%7C14%7C15111%7C15112%7C1512%7C16%7C171%7C172%7C18*.1512463-71854823%7C181%7C182%7C1831%7C184,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:19,oid:5df69309-1bf2-11ee-ac96-caad143fac2f,v:19.8.425,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

307 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
finanzaspy.com/e-caixa-tem-app-melhor/
Redirect Chain

https://receitasninja.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZmaW5hbnphc3B5LmNvbSUyRmUtY2FpeGEtdGVtLWFwcC1tZWxob3IlMkYlM0Z1dG1fc291cmNlJTNEYWN0aXZlJTI2dXRtX21lZGl1bSUzRGVtYW...
https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

142 KB
43 KB

812ms
780ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58d5a45eb780fdd73d68a83e8aabc369d76251bd9e9778f559e0948a073c2842

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e27976e9fc09bc8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 06 Jul 2023 11:43:42 GMT
last-modified: Wed, 05 Jul 2023 17:24:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tSdLH7MNZQnWAqZh21SGimqNtfBALtVnCRF9GdoLX2wLQ43QvMgfVzjUj1ed4hAaDJhXvn0pdI8XY5dC3iZSACRaYjlOIY2lJxvAlev8EY7LIDjSValeCYJOeNkpN7T1eWYdsGC6NYQwZImkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

content-length: 0
content-type: application/json
date: Thu, 06 Jul 2023 11:43:41 GMT
location: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
x-amz-apigw-id: Ho9VKGifIAMFXeA=
x-amzn-requestid: 40248153-11eb-4f97-a782-b0fce48b390a
x-amzn-trace-id: Root=1-64a6a8ed-4cfe5ced125ed47659e004c8;Sampled=0;lineage=12ce62b2:0

GET
H2 200 css
fonts.googleapis.com/ 49 KB
2 KB 50ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto%3A400%2C500%2C400italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b98ada9c8f7a6d9ebd16a16bc152408e90ca22c886b341f120507cc959672fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 11:43:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:43:42 GMT

GET
H2 200 style.min.css
finanzaspy.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 949ms
942ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"640a784d-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DLP1dK7qFyx2bfKyT0cL1n0CewXaM3zNYkBJHU5%2FgyRYwa6Tzz1bXx2prgL7xDhrFZmiPdsYZUNWn8KyTG8uceePDasfXEG%2BFDILgfeMdG3jFFYGWswCLRKTz3NLZ9iQn445hHfmkcKEmEjtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e019bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 classic-themes.min.css
finanzaspy.com/wp-includes/css/ 291 B
498 B 676ms
669ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eaa28b-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhnbEf6RYOig14sjJnjcCU%2BVjGcD46yWS3lDrvA0Yu6Da15%2Byrd6fryFnBnjXXQRIjfthy6ZiaxnVGrODd1RqQCbIDXPmbDBsTJNbFPPiJVEeZbGLYVI0%2BJmkPCcEtbJqMNMUkzSX7f5oXjlBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e039bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 elementor-icons.min.css
finanzaspy.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 798ms
791ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e65916f9a5c70cdb24ccd28a538a48afb387063bb1f89a69492b7170aa5e1285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e64-4ba3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Heo8uXZ1HHtYTI%2B2wkjZTmH5MruVuLejq4qUJVQjAZtrb1ZHyWDqSR6J0PLM2HAx0K2qRIngJZ8rApwBKNtaHYls5leXavT%2F14K0OvDoiT66rQDIz954926gmBoyzZRon8%2FaUSm64BlULVuJUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e049bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 frontend-lite.min.css
finanzaspy.com/wp-content/plugins/elementor/assets/css/ 79 KB
11 KB 953ms
947ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.12.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2544474f9ccba4ce5f26230fea52abf96e3129f3a897daa9fd22a4d356658ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e64-13d75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRurYYSB7nIh%2F4ytSb0BHpcHUJYe0nMocMd6K471KcWzHcG9eR%2Fm%2Fz24IYcg%2BNZ4k%2B7qR3Mv%2BHm7OFDknROnilXH5CN1zax7S56praEK8QefiOvwCW3kCA0eFITy%2FH1RNjle2BupeuMyegBw1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e059bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 swiper.min.css
finanzaspy.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 635ms
629ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e64-324c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L33tH8bjoWJeXBRNCUrM4xZjPftHG6wRtANFiBVqLD2DCBIxZn8EIFws5He%2FYticqPNJabpMJ84fOnVyF9k3VA9oOD%2BbOY2%2FpW7fvSXHOMUc4aJ3SlJaYXuuH%2BPTS57Pjs8OgR2DHWLGZ%2FgCCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e079bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 post-617.css
finanzaspy.com/wp-content/uploads/elementor/css/ 1 KB
775 B 24ms
17ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/uploads/elementor/css/post-617.css?ver=1687621261
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d51baad8d70a6016a099cce8e4e88421c281d68a234e1d17948cf085bc97438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3869
cf-polished: origSize=1164
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 24 Jun 2023 15:41:01 GMT
server: cloudflare
etag: W/"64970e8d-48c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyDwbOhdzAy5RYNnO5P3e7I083uZiUDj2liScUSn2ULdEHqRK0LUiC9Xc%2Fhg5tyUddk0p7CiPolszN2vY5MDiy3j6QIW0nq4oJQLu%2B3WVAcEvhFr1y3fiT0uScq37v4SBMhoZ%2BO5cQBvjMpUhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e089bc8-FRA
expires: Sun, 30 Jun 2024 10:39:13 GMT

GET
H2 200 frontend-lite.min.css
finanzaspy.com/wp-content/plugins/elementor-pro/assets/css/ 9 KB
2 KB 642ms
635ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.10.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1923762c9fdd239bcdbc215d5e3ec390e7c15ed44cb145a88d9e2a6d1803a584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e62-2249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BQm%2FA2iX%2Bctpiv3SDH8Sqc7KUjcLqrPuVCv5ULWUgUzPkOaBxqu6Fcgz5lRJBMLQ3ZF0GctRKv7LRdGiwgI%2F8994PapjcUL0dsEK7ebMaK17JJbOE%2BFjCMHmoJUL3uXsKSD1D8U2AYcIo0Ubg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e0b9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 global.css
finanzaspy.com/wp-content/uploads/elementor/css/ 38 KB
3 KB 24ms
18ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/uploads/elementor/css/global.css?ver=1687621261
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2e20678f4417838ba405511d54e5b1c057bc0a6737ae32758549f2ca1d16b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3869
cf-polished: origSize=39772
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 24 Jun 2023 15:41:01 GMT
server: cloudflare
etag: W/"64970e8d-9b5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcwC64WcENNwjNSGVFLvHbb2Q6ePhgbCTiP9C61bZMHyvrQYX3PWQe7DKPmBT3m%2FdoDZGcRY0vv9342j8Epg65z7IXlPnY5PyRdS6OBYuqfhSOZM0xdaYtV4dGjdczhnFS62%2BoxEo2k7KpNXUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e0d9bc8-FRA
expires: Sun, 30 Jun 2024 10:39:13 GMT

GET
H2 200 post-2392.css
finanzaspy.com/wp-content/uploads/elementor/css/ 3 KB
906 B 695ms
689ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/uploads/elementor/css/post-2392.css?ver=1687638423
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf7ad34258281cbd55c6646bdec20b2b97d91c8dd956db5fe3877bfbe441e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 20:27:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64975197-d79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kgTyiBg23YZRIdER%2F3ez14joKk29s4FCVtM3cg7cCpPgtNe3QJUsvh8SNrasNhBukoGwq%2FXzMLi%2BJ3qXUOjDwn9oly%2FOFW5cc%2Fh7L8YONYpNYaUvXZclYEEsk8Pg%2B7QqfM0N4SoE6qSL4WPXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e0e9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 jquery.min.js Show response
finanzaspy.com/wp-includes/js/jquery/ 88 KB
32 KB 29ms
23ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3868
etag: W/"6408d5ed-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dg8%2BDF838F3TCX7f0CtGfVdV6TaGFvKnZZRdONipJctCsYl4jrDgN%2FEsnA7jRJu08mEK3uI%2FMRp%2B4ngHYAJ0RsGVPoe4hlPbI3FR8sXi5wRksPmb%2F4izP8802iBCF4ezzU2wvjUtzYTzKMopiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e189bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 10:39:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
finanzaspy.com/wp-includes/js/jquery/ 13 KB
5 KB 637ms
631ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e16a23-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVYvG3y2b1xvzx9pGg3mi1KNBotFX9%2FAKRviW78ZytakOVqNC5sWkwUmepXUW8e%2FrOiZbfG4Tt%2BPUp4T7E8EKtYtgu7vhxhloU0M3TxB6EEBdrLXrU1z%2BAPFOzNCK4RHCx%2Fb7TBvcqtRenV26A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e1a9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
finanzaspy.com/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
1006 B 651ms
645ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.2.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e67-525"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQPGz%2FbEjd7H9L0IGK6NsCzkSUP0%2BK6K7555PIjtEmftERk2lgV0fBnW%2FDavg7sdKBjhHpu%2F9%2Ba2c%2B6isUmeNDp%2FhagEeKWzaDhQU2%2FKfJ8RH%2FMffrLN0BA2Aw07J6gH7potAt1JIA3tz3QWqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e1c9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 js.cookie-2.1.3.min.js Show response
finanzaspy.com/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
1 KB 693ms
687ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e67-6ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK%2BHN0pB9HgKmB54id2EYgr4SQMkxaBFm3EkL0jr06mvnwBiUit4Agb4IAyge70KT%2B5NwnPZFBqrvPMvnjwWoL7YEZMiiCUg2zIHNfgttDQLO6yn9%2F9AgFyOVX9e2W5ShlxQ5iZjzeXimWnplw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e1e9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 public.js Show response
finanzaspy.com/wp-content/plugins/pixelyoursite/dist/scripts/ 101 KB
17 KB 1088ms
1083ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.3.6
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c180ab61aaca37d9820754e36a1f22a65c7c1db0763b3d04650393985ca229c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e67-19451"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKuSeXbYGBwofb%2B7ej0pvohdKKRUouGWDynatoNTa7SAYl5iHs8FrNCcxISdz9FwihCmXPu%2Binx8YB3yU2BWmeKl7zVKsL%2FAmChCx0ut87bIPJch2mbSNdMMKWSh6TTuJSVgnP8m9lKUN%2BmdbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e219bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 117ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4442f88e2b9a921e326f0ec87b26ece4c3c7df31398ad91a349fb6d28b21498b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70567
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11147108511

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1f01a3a3a5c26a544345f91cb176e8791b645473b83448490aa2158b97c0072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70253
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11152135350

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1144ee4f1fdb6eb024f4c7e202260749ac14116c02c3ec392a33b76d99874214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70089
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:43 GMT

GET
H2 200 954e8aae50f93e4a204fb8338e3730b4.css
finanzaspy.com/wp-content/bs-booster-cache/ 687 KB
98 KB 1462ms
1457ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/bs-booster-cache/954e8aae50f93e4a204fb8338e3730b4.css
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846d9bbc4820cb0e03ba84a0ea37f55815059db954763b55d8bc862483adcb04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e89-abbca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9VApJIeUuN%2FV7oKsgENtD11J2lzXL2MuOS5aoO0RgtfDJhfen7jVxcpFZM8ZuWwXbwwvn7q%2F38dVc%2BkQbQ8LFNhdtxCL09Q0VUkYOcv326n0IUPE6S0W9eSrbrfqqrLexFtrliLRAJndrUopA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797738e0f9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 f1fab0039856282dd4f47314f987e037.css
finanzaspy.com/wp-content/bs-booster-cache/ 50 KB
7 KB 953ms
948ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/bs-booster-cache/f1fab0039856282dd4f47314f987e037.css
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d48b70504d7b2cd6bf17b8b46f968c7041dee8b4d9c00c729fe8077a4cee60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e89-c63c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3D68V8t%2BM4HHRkJbUmMbVF9GFErLojjuVvmsW5PVaXx99rQk6Ger%2Bo55zToZkxcC1GfHnr4GRf8hUdEMmTK0M8bizVe%2BxCocyEFqyXzGGXBthTPxDuM5%2B07lf9DRPVySZXwXusoqcO9P%2B81xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
cf-ray: 7e2797739e169bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 135ms
98ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

363f06249088d396fed5a0a40a8a770f01d2d01ad374975e8fa71e1d8bdfd168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26095
x-xss-protection: 0
server: cafe
etag: 275 / 19544 / 31075787 / config-hash: 16897811651769644562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 push-notification.js Show response
script.joinads.me/ 1 KB
797 B 661ms
623ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/push-notification.js
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab80d6b71e4c1dd606a2a2543a7c5c3016a3c483f24adecf50b47b2a7b1959d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 01 Apr 2021 12:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6065c3ba-546"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEWQItT7%2BKk%2BRVntSsq42twwFDyB6EzRHuQK8zodxszGf2NWSEFbXySAOAiBWt4xZd8CsuhgCJ4D8h%2Fe86kLVkQOtD39KagA7w7TFKbupB96Y8J7GMS9kgcDc2V%2Ban67bQU8ixenBJhgNmetnt5enA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e279773b93d2be0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
48 KB 102ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9060780421721333

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

595b53d5c9061d22b8d7932474390a22e0d60513dc510cfa65d640de08e2c0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Origin: https://finanzaspy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49066
x-xss-protection: 0
server: cafe
etag: 5854042600669489998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
finanzaspy.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 26ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.10.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc89f4602504183c5b29d26d5cfe8bc20a40f4a661c815e9d99d4ddd7318a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 15:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 410065
etag: W/"64970e62-14ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BXXlXSxwiEeUwSSkj840jkYDorlfWAYqhH3UQjRnW9Buz%2FND3sHzVBh0vPD5NtBqXsMnjooMIz07OJZ38FPV%2F7tDq%2BW1aNqRLihFoVOPX3f%2F9nYuuk2KOme%2FFlyypuv4iD%2BrcROkhvMMr%2BwRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e239bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 17:49:17 GMT

GET
H2 200 webpack.runtime.min.js Show response
finanzaspy.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 699ms
694ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e9892e66464b9c939f81878a76b28761697e4a9b9252ce7c43fedcb95c94e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e64-135e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=218kh0Owntczud7x9hD8Zz5uOqqEtBNeXvouilj7uLm5AwrMgr9pRWo7%2FoH9cSTkcR2LOEdnSusnnjwiTTU2oElzloH41OtzV5nXqiBOaC57KnV4AxGgc7I6kbXESAxAXz7SPqNgQXTBpI9vEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e259bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 frontend-modules.min.js Show response
finanzaspy.com/wp-content/plugins/elementor/assets/js/ 41 KB
14 KB 31ms
26ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987b2e5ba1d940ccf76e74235a3339ce993b29a81c7a67599157c3a5640be710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 410065
etag: W/"64970e64-a530"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGimJdfBYeWFJscCoHFUD4YjljW4uSBNYuSqOQtery%2FQCFuZM%2BaOxXAwHh9fOwrz3z27gmF1oC%2BGXsUHzJtdravz0OpWXjlQmTxM%2B88MsBNRX8KQNP0JWAralQfc5A11WprXUYB6HFlsOUTj4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e289bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 17:49:17 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
finanzaspy.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 29ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 47864
etag: W/"63c7d511-1feb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4KM1XSF6RTgyxRT%2FncC7nYkGnpvXe6w%2FNFwwwhpus3LVONaBPk8RUGV4nabwORVcYq69whbEBHaW41U0YS0EcoHtkmBK4Q9IKlHchkR%2Ff5GuCyOvXN4MdK6fxffKZwTIclHhkwEE0Cyxyfkag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e2a9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 22:25:58 GMT

GET
H2 200 regenerator-runtime.min.js Show response
finanzaspy.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 642ms
638ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e274b5-19cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCYhDR49Dd4qqugn4kNOix7p0othMKCVoYKqo%2FQRfmApQZN74AbZnzqepkQ1KYIZXixn%2FYFMDEfBVHX%2F1CnII6QHGt%2FlPgIggO%2BibTNtqG%2F9Cou87%2FDGngumIxlIUkc0nRWGaCdJ0jPBS2roBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e2d9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 wp-polyfill.min.js Show response
finanzaspy.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 853ms
849ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6329dfa1-459f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxWSRW3QL8ynk7TMDIzbOaI6%2BR%2FWbem0WJZaJ3zYErxBUY%2FMUZX3UruM0JrV6w5XqGDKsQxryKQLfslczXw8k7D6mDktuRBPqBFupNwtPpUUWN51nXyOetciqd9dscDXt83fsEcZAYFBHUQAPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e2f9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 hooks.min.js Show response
finanzaspy.com/wp-includes/js/dist/ 5 KB
2 KB 639ms
636ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6254194e-132e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMDtlV%2Fs7oGcthsm56BRMY0KwRb6sU0IRq4%2BaVx3TEfu86N%2FXzTHN2CYpfAOkrOc%2Fw828gP8MelSDR0ZZ%2F15XXQE96%2Btmf3YEa6axGGEDCKNa24lbAjq5i1vpTRjuOXGjQ2TJwa7qG8LbeMjeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e319bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 i18n.min.js Show response
finanzaspy.com/wp-includes/js/dist/ 10 KB
4 KB 32ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 476204
etag: W/"632e0f32-27f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmJM2TCwqR52clrZ4KL4akUKuP%2FhojFWmeY3Xu0i0w07IGIbfkQia6dt%2FqEeIVB%2FJcsOKi3u9sQhZH1iY%2BFtSYl5LigCm1kXFMIFQ%2FPSXRTAa%2BcTw5M67uP%2FYjQ%2Bk26zSldyWnN%2Bo1nKCiF5nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e339bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jun 2024 23:26:58 GMT

GET
H2 200 frontend.min.js Show response
finanzaspy.com/wp-content/plugins/elementor-pro/assets/js/ 21 KB
6 KB 845ms
842ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.10.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64d7a39b7943a79300d1387808fbeca64ea5f0876f673f62506fc520308a34c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e62-543c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9irx%2FPa7%2BuDRF0PRpYCemHiOrD6rc%2FR2tvOeF7672ddc02ooNGmRpG7mSa9BoUJBLO5uYV8EtrQ%2BI%2F8bvnVR53d%2BU2YRDTPVpC4HbKIg8EC8ysJca8HmfEPNdjN0cpHMuPwIx4n%2Fj%2FFudCSH2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e359bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 waypoints.min.js Show response
finanzaspy.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 698ms
695ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e64-2fa6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8EZmmJb7xeZiNN9cW%2F1yiYNMvVsYh3btPLn9paVxdqV%2Fb%2Fwlzn90rgSv87UX1TqeKEBdGz4%2Fvr6jOLYhwYU%2F1NnBm1%2Fo8OrRWLYxLq2Doft63lBaU4cO13EK8jwwklRfec8V7tyBbfFYFuM7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e369bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 core.min.js Show response
finanzaspy.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 805ms
802ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63dbe690-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CtaC1y%2B%2Fu7mQbUtzlF%2BS8zR9L8bNEzNjpjdRa4VbuWToOo9eWqMQ2eHiT%2Bb3RLA6%2Fb4N1ZfNxt0eyfTemd4iY8MWCZq%2BQ5AX%2F%2BwzDTaDuOZimkEnm%2F9%2BovjF2qPMNl8VgElkWc4t%2BzxzJWCAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e389bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 frontend.min.js Show response
finanzaspy.com/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 804ms
801ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa18b1ec5d3e9b4c089118323819e51e6674e4756fbcd1de4e86ef58a3dba31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e64-9e8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAdybqzumfNK%2F4TXnyUCxMG5sSnq%2BFMXoaLv5Cj9J0Zhhd4ZJVv4kuM5l6hiAMUzCAxLVLLv%2Ft%2F8I7WSeEUZrCLYkYukRi5mI%2FF9ZBQBAeZNgQ7lmicjV1DnhzV47Nm5Rh2ZADztMr%2FcVtfppw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e3a9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H2 200 elements-handlers.min.js Show response
finanzaspy.com/wp-content/plugins/elementor-pro/assets/js/ 27 KB
7 KB 789ms
787ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.10.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2637add90e2a39ddd207c014a172fa99e2281bc4010bf92de258a67194e0ed3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64970e62-6b45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmLEJxLPjrNwuVjem4zcfxcWxjvS6M2ZAKcInP7HCvQx7wzzDI59sm4bOD9wPYavCFHv0t2QZcE4IusL4efBZ%2BSVlIS3vZcakOAKTdlpoJk40wwWCfEf4%2FpCFX5f4JuVMHnRE%2BzFr8FgUfZCPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e2797739e3c9bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:43 GMT

GET
H3 200 60a671c1f0b96311608015c66d07ebbf.js Show response
finanzaspy.com/wp-content/bs-booster-cache/ 249 KB
74 KB 24ms
24ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/bs-booster-cache/60a671c1f0b96311608015c66d07ebbf.js?ver=6.2.2
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c23a922318e559e2e157d98b61f3cec9f46d007dd96d6bbe1d2cda38506f8ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51664
cf-polished: origSize=256350
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 24 Jun 2023 15:40:57 GMT
server: cloudflare
etag: W/"64970e89-3e95e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P82EAHStT%2FWaq4MU5ih%2BMnP1Rsm7dG27bt1VJ1EL4zK3KLDdl%2F2KmWA9TCRHNSIvNlF32ZKgAC3ePdGpO9foEVGh8daFYG2xMzCuXysJonCsHPFe3PDNsM7bgGuNnErHbbInE4%2BlJ8PEDoyWzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e27977cbfaa9018-FRA
expires: Sat, 29 Jun 2024 21:22:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
83 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8SJGQ54N2

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4fd05d23aa381aa84d3fdaa3dd74ffebd91fc2befa8bdd903d14871aae0aba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84474
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H3 200 lazyload.min.js Show response
finanzaspy.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 17ms
15ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 15:40:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 849976
etag: W/"64970e6c-22bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRGPDtF2ijuMbOi62cVgR0KijnAyvpM9TIeS68jjx2eH4H91Wh%2F8MqPjnnV3l4E7jNUNBm%2F55UgMbCuZUDoq648QNhocTCSnZEse1fsizaocq8kc0R%2BskyE%2F3EvW4Eque9YU5drSRp9b4OavmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e27977cefe59018-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jun 2024 15:37:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/ 3 KB
2 KB 77ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/?random=1688643823879&cv=11&fst=1688643823879&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32cd5d50341d4bed6b84a9a6112ad1bbc33f0f78f07c3e46df8e78c3a3b64906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11147108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d3ef6781941112897babde32f4404dab54f8a1e216d2e705f74483f6b15449d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70304
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11152135350&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

881a778b66dedc572a672bd8f58974ae13ab129d3647777e192983afa273eaa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70192
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11147108511/ 3 KB
2 KB 75ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11147108511/?random=1688643823922&cv=11&fst=1688643823922&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11147108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d085ce793c6438ed3f03525e9794865b77eec6c92e77c14c2d8aa0c9d0c97c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11152135350/ 3 KB
2 KB 77ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11152135350/?random=1688643823969&cv=11&fst=1688643823969&bg=ffffff&guid=ON&async=1&gtm=45be36s0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11152135350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

058cc154d7702c10427494703ef9d765ce280b626ff56ec35b558d5406faccf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2096
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 11:08:48 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10883628328/ 3 KB
2 KB 93ms
46ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10883628328/?random=1688643824126&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

618d939f77784674bcf1f125a3650ae878e562c06a6626db9e2f88b3f62a9084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1623
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11152165732&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abaad11a1d286a370dfe9b18c5a66056db439291e52a6d67cd3ce8caca4956c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70210
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: q0NMY0bvfNiakTga9UpXZABYRAyNBqRg3phPRqxIqonXoeLycyqnYNF24zyo8u6jEkrKMNfvUTVQMPJNaGMWtQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843d014cccdff92607c56b9e6518619a50b7e2d78b255f7fa4ce22a5f2c6ecde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 43ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto%3A400%2C500%2C400italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanzaspy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 417719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:41:45 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3094df668475dbed6848e14f37580e1c7eb03348062fc8087e4fc7233610d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 14ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanzaspy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 412769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanzaspy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 467592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8SJGQ54N2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10883628328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88c6a863babcb62506b2b5e9470a77342fa1c3089109b3b7308b3a620edb3c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11147108511/ 42 B
456 B 46ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11147108511/?random=1688643823922&cv=11&fst=1688641200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2300074619&rmt_tld=0&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11147108511/ 42 B
456 B 47ms
22ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11147108511/?random=1688643823922&cv=11&fst=1688641200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2300074619&rmt_tld=1&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10883628328/ 42 B
109 B 46ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10883628328/?random=1688643823879&cv=11&fst=1688641200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3673661789&rmt_tld=0&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10883628328/ 42 B
109 B 48ms
23ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10883628328/?random=1688643823879&cv=11&fst=1688641200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3673661789&rmt_tld=1&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11152135350/ 42 B
109 B 45ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11152135350/?random=1688643823969&cv=11&fst=1688641200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2338820959&rmt_tld=0&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11152135350/ 42 B
109 B 47ms
22ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11152135350/?random=1688643823969&cv=11&fst=1688641200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2338820959&rmt_tld=1&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11152165732/ 3 KB
2 KB 47ms
46ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11152165732/?random=1688643824283&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=3ZB0COzR5ZoYEOSW4sUp&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11152165732&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

77fb2955f4bea1a1bb885c85e8731bf239fe47d75019454a4750c7d54c99f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1622
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
118 KB 96ms
82ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9060780421721333&plah=finanzaspy.com&bust=31075780

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9060780421721333

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a767d23f46f777c0d284f2b4da7b7328c26b7780858fc55d1f621289f7df016d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121032
x-xss-protection: 0
server: cafe
etag: 211392847008496126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/ Frame 3363 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9060780421721333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 06:20:56 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 06:20:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-201994943-7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8SJGQ54N2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d48d34fb78c6bedd5032227f7c807209f45551a8649bd8f729350ca12f6ea2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65414
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:43:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 47ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K8SJGQ54N2&gtm=45je36s0&_p=732917418&cid=380639831.1688643824&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688643824&sct=1&seg=0&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&dt=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8SJGQ54N2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finanzaspy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/10883628328/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffin...
https://www.google.com/pagead/1p-conversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa...
https://www.google.de/pagead/1p-conversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-...

42 B
109 B

26ms
25ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcldVREJwb3ZkSkJERGE1T1dHQ2ltYXJTSE1FazZQeG9XNmxMYWM4bW4xei1YWndWMFE2NmY2WSITCOf9rLqA-v8CFRh1GQodLEkAqA&is_vtc=1&ocp_id=8KimZOfFDJjqZaySgcAK&cid=CAQSKQBygQiD0KI0yFQl5icSUUyAIL1ZdSGIYcDMhe4XuBZu3J_pOvCBFCW4&random=1427606730&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10883628328/?random=572317725&cv=11&fst=1688643824126&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=sgBQCMy6kYMYEKj628Uo&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcldVREJwb3ZkSkJERGE1T1dHQ2ltYXJTSE1FazZQeG9XNmxMYWM4bW4xei1YWndWMFE2NmY2WSITCOf9rLqA-v8CFRh1GQodLEkAqA&is_vtc=1&ocp_id=8KimZOfFDJjqZaySgcAK&cid=CAQSKQBygQiD0KI0yFQl5icSUUyAIL1ZdSGIYcDMhe4XuBZu3J_pOvCBFCW4&random=1427606730&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1331296934088577 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 133ms
132ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1331296934088577?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3ed4320a1f62c3c7b025cb71a29ab89c67bdcca4b9dfdeeeb95a88f6eafff38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: txduKs7lGEyLMBN4KfioZ6Z1tySkvw101xA5Xwp4wIsSPx3C6smfMg+tXffPLCBChI28zzHU0z5uymDClfHehg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 27ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 11:43:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1433
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230045-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 40ms
6ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 04:47:06 GMT
content-encoding: gzip
age: 1580198
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 17 Jun 2024 04:47:06 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 54ms
19ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 1WTS3PXJ3PW0DRYQ
age: 2848
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e27977f0af391d1-FRA
x-amz-id-2: b6msF3rN/zhF2drF/ZyVJ/eaOX6n6q7WjUHiW7fgtpM7i2lpEc/zln9UFz7xrVPSz52wpUIlNcU=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 65ms
31ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 11:43:44 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 52ms
7ms Script
text/javascript 2600:9000:2250:fe00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fe00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 06 Jul 2023 05:33:17 GMT
Via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 22228
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: KRlwX70JWMxbtrSHmB1KMrCiMNSi1yzy8E7uvHZuASqGIyfahOMNTw==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 38ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=finanzaspy.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
13 KB 1350ms
1350ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3537348392657576&correlator=901953498665310&eid=31072020%2C31075760%2C31075787%2C31075817&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=22526454507%2Cfinanzaspy.com%2CFinanzaspy_Content1_20230624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=2&adks=1925420202&sfv=1-0-40&cust_params=id_post_wp%3D2392%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&sc=1&cookie_enabled=1&abxe=1&dt=1688643824471&lmt=1688577888&dlt=1688643822631&idt=1789&adxs=240&adys=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=20&vis=1&psz=1120x0&msz=1120x0&fws=0&ohw=0&ga_vid=380639831.1688643824&ga_sid=1688643824&ga_hid=732917418&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi91o_YkjFIAFICCGQSGQoKcHViY2lkLm9yZxi61o_YkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YvdaP2JIxSABSAghkEhQKBW9wZW54GLzWj9iSMUgAUgIIZBIZCgp1aWRhcGkuY29tGL7Wj9iSMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5833a23ba091e6150b5dfdbbc292453c336955e9ddfe2eb8fa8a942683015de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13513
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://finanzaspy.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA3F 6 KB
3 KB 53ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:44 GMT
expires: Fri, 05 Jul 2024 11:43:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
20 KB 232ms
231ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3537348392657576&correlator=901953498665310&eid=31072020%2C31075760%2C31075787%2C31075817&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=22526454507%2Cfinanzaspy.com%2CFinanzaspy_Interstitial_20230624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=2795193930&sfv=1-0-40&ists=1&fas=8&cust_params=id_post_wp%3D2392%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&sc=1&cookie_enabled=1&abxe=1&dt=1688643824489&lmt=1688577888&dlt=1688643822631&idt=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=380639831.1688643824&ga_sid=1688643824&ga_hid=732917418&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi91o_YkjFIAFICCGQSGQoKcHViY2lkLm9yZxi61o_YkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YvdaP2JIxSABSAghkEhQKBW9wZW54GLzWj9iSMUgAUgIIZBIZCgp1aWRhcGkuY29tGL7Wj9iSMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a59803efc1fcb6f62bd359a5eec2c57eeabcb331ca728fc6e9fb644cc5ef43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20358
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://finanzaspy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 37 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl_page_level_ads.js?cb=31075787

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6256c00ec47909aed0ff141dc3ade34b82dc1eaa57922edaa443409d0f768a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 422
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13151
x-xss-protection: 0
server: cafe
etag: 13663737688922070526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 11:36:42 GMT

GET
H3 200 CAIXA-TEM-2.png
finanzaspy.com/wp-content/uploads/2023/04/ 267 KB
268 KB 937ms
937ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanzaspy.com/wp-content/uploads/2023/04/CAIXA-TEM-2.png
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30356530efa4f20e42a4863a7401d4e4227662838f2e6bdba2e437df8c9d9392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64970e50-42dd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQs5xBGtyc9o3xakmwzYLVtH1g97YvV8%2Bae4s%2F03tt9FEK25ziGwzi3TzTEkMMTe3B1WbAhFExcs4WxmCeuzrsPpQOmAI2u4EDeLX9281LJE0XyfOFIOEjfsZpK70MskfOzCiRHCHqOckrO8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7e27977f6aa49018-FRA
alt-svc: h3=":443"; ma=86400
content-length: 273877
expires: Sun, 30 Jun 2024 11:43:45 GMT

GET
H3 200 caixa-tem-aplicativo-logo-A3E8807627-seeklogo.com_.png
finanzaspy.com/wp-content/uploads/2023/02/ 9 KB
10 KB 624ms
623ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanzaspy.com/wp-content/uploads/2023/02/caixa-tem-aplicativo-logo-A3E8807627-seeklogo.com_.png
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Jun 2023 15:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64970e53-2471"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se6LwtLQM1FbSJ3yzRBtQ4CE4EpIjs1vDxytovlim2CNCMuC3TU0zikZ%2F6TRRZIc7%2Fz8Bh%2Fx4MzNdtsLRLTUokBprGKyQC9f5ppe4PSDcb4if71XsYRwIjodDU44xJzhyT1exGv9SQ28ERo7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7e27977f6aa59018-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9329
expires: Sun, 30 Jun 2024 11:43:45 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
finanzaspy.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 14ms
14ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19bdcc42d8493c4c89fff6e24832b553a87e170b38d2564c823efb5dd931748a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Jun 2023 15:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 51664
etag: W/"64970e64-550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3aCC7%2BR8uSFWLEeUJMsHY1t7XmtWYYUjiCQnvMbHrbR9uVZ4mY4O5BDgEtwEF%2B%2FRUNHKnb9O9o52Uew39GQpJynxvYeB1Bo%2Feeqh7QBTI5HlwbyAWigLiSjQpkltH6UsD94q0MgRrORqLAuMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e27977f7ab49018-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 29 Jun 2024 21:22:40 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/11152165732/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffi...
https://www.google.com/pagead/1p-conversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caix...
https://www.google.de/pagead/1p-conversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa...

42 B
64 B

21ms
21ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=3ZB0COzR5ZoYEOSW4sUp&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcmVPRmFaZy01b2E0YzQ0NTdQVGctYktRNm90dWI3Xy1LRm0tTndNa19abzUxZXYwbXF2Z1ptSSITCObYs7qA-v8CFQ9VGQodj60Ppg&is_vtc=1&ocp_id=8KimZOagE4-qZY_bvrAK&cid=CAQSKQBygQiDPeqUU5O-Oegvki-iuAV_cX1HdYUqt6SYSbOKQesR-kNTA3k3&random=145206773&ipr=y

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11152165732/?random=1221820452&cv=11&fst=1688643824283&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&label=3ZB0COzR5ZoYEOSW4sUp&hn=www.googleadservices.com&frm=0&tiba=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&gtm_ee=1&auid=571045654.1688643824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE15WnBRWVE1ZDdJd1A3eDhjQzdBUklsQU5PWHY5ZmJqbVlKSEphU05scFpMUjBjdmxrcy1zTEx5UV9DRkJOcWtLdjdTbFVLWUEaV0NoQUk4TXlacFFZUWhaWDU3T25XMktjckVpMEFlU3dpcmVPRmFaZy01b2E0YzQ0NTdQVGctYktRNm90dWI3Xy1LRm0tTndNa19abzUxZXYwbXF2Z1ptSSITCObYs7qA-v8CFQ9VGQodj60Ppg&is_vtc=1&ocp_id=8KimZOagE4-qZY_bvrAK&cid=CAQSKQBygQiDPeqUU5O-Oegvki-iuAV_cX1HdYUqt6SYSbOKQesR-kNTA3k3&random=145206773&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
608 B 37ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=finanzaspy.com&callback=_gfp_s_&client=ca-pub-9060780421721333

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9060780421721333&plah=finanzaspy.com&bust=31075780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64336e9f87d1846b9228a8ccf271c753c2d085106f05967d4af560b82868fe59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21F0 129 KB
42 KB 1061ms
1061ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060780421721333&output=html&adk=1812271804&adf=3025194257&lmt=1688577888&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688643824303&bpp=5&bdt=1672&idt=282&shv=r20230628&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=202269717543&frm=20&pv=2&ga_vid=380639831.1688643824&ga_sid=1688643824&ga_hid=732917418&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075780%2C31075849%2C44788441&oid=2&pvsid=3537348392657576&tmod=525144901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dadccb24cb539383924eddfd48475bc99c3353e7874367da0629803d2405938c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42993
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:45 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 admin-ajax.php Show response
finanzaspy.com/wp-admin/ 0
567 B 980ms
979ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzaspy.com/wp-admin/admin-ajax.php

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Cache-Control: no-cache
Referer: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlvISZO510cgg3GTR0lzed8TW8FXAs1mvDOZUAbylE3PHlCrW%2BFMdVKHDgu0F4yDGw8sOYTILaIakakOZMtV3EkVW5Nt%2FM7M2vYMoPtK2LV6rZ%2FGiSAJaoBeebyoaYwjraaTCftCm2MQL21JcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://finanzaspy.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7e27977feb1d9018-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3YZ7QXRM3P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201994943-7&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdd16aa6594e3da7c2d8f9ea1e99c8f25283dbcf0eb45b155f8bc9d960432d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201994943-7&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 10:35:20 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 12:35:20 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rid=esp&cc=1

85 B
203 B

119ms
117ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rid=esp&cc=1
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8f98ffcff25b63f951b4b953529363c60ff41c8f050aa79d3b91decc2c6fc4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-oShmkmktrThon6h8g7+vYwvbtBc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://finanzaspy.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 06 Jul 2023 11:43:44 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://finanzaspy.com
location: /esp?url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9A1A 15 KB
6 KB 48ms
19ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=finanzaspy.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 277261
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 54ms
28ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://finanzaspy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://finanzaspy.com
date: Thu, 06 Jul 2023 11:43:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 945416829912562 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 132ms
131ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/945416829912562?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cfe208b19f5d55fee3d55631889bf8257b0e8dd9bf74d6f6e589922e991ab81

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wctgygRDNFmZTE/NaOJ/WA6cUbaWNESt4kp9uXVjwndbLC78dzCC9A6FUdTHxbUv8XpBNwIixz7bss7vCtkhWw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=732917418&t=pageview&_s=1&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&ul=en-us&de=UTF-8&dt=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1602469504&gjid=1016864480&cid=380639831.1688643824&tid=UA-201994943-7&_gid=328157756.1688643825&_r=1&gtm=457e36s0&jsscut=1&z=370281483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://finanzaspy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finanzaspy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9A1A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=finanzaspy.com&sn=ChromeSyncframe&so=0&topUrl=finanzaspy.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=RPVXr3x5UGM5UDNKSVZhVlhUKzJuelNmdDJrZnB3UElyZ3lKOEpUeFlyd1NkTXdSWkJGRFVVQkRxWDZSeCtUaTgzTFpkTHE5dCtaRjlzN0ZtakcvbUFtTGIwN3hBNkxPYnRlZTBkcDBtNENEd0M0UW5wTThFMTBZUk00OW...

430 B
654 B

72ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RPVXr3x5UGM5UDNKSVZhVlhUKzJuelNmdDJrZnB3UElyZ3lKOEpUeFlyd1NkTXdSWkJGRFVVQkRxWDZSeCtUaTgzTFpkTHE5dCtaRjlzN0ZtakcvbUFtTGIwN3hBNkxPYnRlZTBkcDBtNENEd0M0UW5wTThFMTBZUk00OWtYZEF3U2lpUi81OUZrUUhITThaM1haTG5nYlVQV2VqQkxEMHM3eUZ1MUtJeWx4Q1R4bERtenJ5ZDlhQjZPTHNON3NtTXA0QlZUUGdLbkQwVjVFb2Y0Zlk4UDNIR2dUQWI4NnI1Q0gzenlmRzZJaHJEV2hDM3Q2SDNETHpQTmV1VHd4UklwV3ZVRXJtSW0vVHhjamZ6a2ZpZ0ZmOHJOVmFuRjNNWnF5Y1pWcHV2Qm44VlBHND18&cppv=2

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1bc483bd3424c7eac0ffbfa3dd95cd7b60fc125b50ae24e17ede52dea471c97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1231007
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=RPVXr3x5UGM5UDNKSVZhVlhUKzJuelNmdDJrZnB3UElyZ3lKOEpUeFlyd1NkTXdSWkJGRFVVQkRxWDZSeCtUaTgzTFpkTHE5dCtaRjlzN0ZtakcvbUFtTGIwN3hBNkxPYnRlZTBkcDBtNENEd0M0UW5wTThFMTBZUk00OWtYZEF3U2lpUi81OUZrUUhITThaM1haTG5nYlVQV2VqQkxEMHM3eUZ1MUtJeWx4Q1R4bERtenJ5ZDlhQjZPTHNON3NtTXA0QlZUUGdLbkQwVjVFb2Y0Zlk4UDNIR2dUQWI4NnI1Q0gzenlmRzZJaHJEV2hDM3Q2SDNETHpQTmV1VHd4UklwV3ZVRXJtSW0vVHhjamZ6a2ZpZ0ZmOHJOVmFuRjNNWnF5Y1pWcHV2Qm44VlBHND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 238045
content-length: 0
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3YZ7QXRM3P&gtm=45je36s0h1&_p=732917418&cid=380639831.1688643824&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1688643824&sct=1&seg=0&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&dt=e-caixa-tem-app-melhor%20-%20Finanzas%20Py&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3YZ7QXRM3P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finanzaspy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E40 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:44 GMT
expires: Fri, 05 Jul 2024 11:43:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1E40 4 KB
770 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 10:46:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame BEC7 2 KB
3 KB 73ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d7f3a6fb8c6dfd3190f9f20d57a30e3768b19ef57930fc5c9d1b1e45f0a543

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2797815bbe91e3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:44 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame F0B9 3 KB
1 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 11:32:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80F2 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Thu, 06 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame F0B9 20 KB
9 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:14:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F0B9 0
0 17ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4mJ6HImHBJBQinGyxzIYe67h2CIwr2is0ivPYv154B8-SjW-IHUxMMOJVn7KJoqP3vl0xLqo-9q8Ubk5fuEgug329kA
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F0B9 24 KB
7 KB 44ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 405495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jun 2024 19:05:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0B9 179 KB
57 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:44 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame 1E40 20 KB
9 KB 46ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:46:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 80F2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEG7pw-ageT4HOlnGPocy8LQ&google_cver=1&google_push=AaAOQGGpwOIKc9z5w2XP4tefzd1DXVE60vk7NtVzONgaVfEcpvRrxpbpTC-0rXtHgkNrKGEE8T_mhMWxJBwndEgL...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGpwOIKc9z5w2XP4tefzd1DXVE60vk7NtVzONgaVfEcpvRrxpbpTC-0rXtHgkNrKGEE8T_mhMWxJBwndEgLR-vB_hShUs6a

170 B
233 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGpwOIKc9z5w2XP4tefzd1DXVE60vk7NtVzONgaVfEcpvRrxpbpTC-0rXtHgkNrKGEE8T_mhMWxJBwndEgLR-vB_hShUs6a

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 06 Jul 2023 11:43:44 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGpwOIKc9z5w2XP4tefzd1DXVE60vk7NtVzONgaVfEcpvRrxpbpTC-0rXtHgkNrKGEE8T_mhMWxJBwndEgLR-vB_hShUs6a
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 06 Jul 2023 11:43:43 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 80F2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8O...

43 B
428 B

199ms
189ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e279782ab149052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 766
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE3ky9P44FG4hJT_9AuU2gtk4YN24f8h1yn9p9v1c3vdmu985_9tZ4hAjfz_igS_b6grRKhJVIJ97hHIOAUA2a2vUIhE8OD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e27978189b89052-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 80F2 70 B
266 B 95ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEO368eePSJrWyXePguq-kOQ&google_cver=1&google_push=AaAOQGHdUL_KPKYtkmI9T6YR1E9wtH6RSJAxy3ouKynIRoktcLCTfAQeJBoix8Jv1CzjPWCsI3oZ12-WRMOg8Jp6WIac7x-fTtj3
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 80F2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIjFdOPZ6KTevU5T2X-E9p8&google_cver=1&google_push=AaAOQGFAvssTetpwdKBgnFq2kafYPimYlA6ZdhHc5ex2mloz6zWCc2DoJnje_Nqe9nY-qIyroBNJYvTk___nqHJ3dRhq0Nd...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAvssTetpwdKBgnFq2kafYPimYlA6ZdhHc5ex2mloz6zWCc2DoJnje_Nqe9nY-qIyroBNJYvTk___nqHJ3dRhq0Nd436o&google_hm=eS1tdzBnSVJORTJwSGlUczh...

170 B
233 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAvssTetpwdKBgnFq2kafYPimYlA6ZdhHc5ex2mloz6zWCc2DoJnje_Nqe9nY-qIyroBNJYvTk___nqHJ3dRhq0Nd436o&google_hm=eS1tdzBnSVJORTJwSGlUczhMcUwyUzlyQk15akVPX1VKdn5B

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jul 2023 11:43:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAvssTetpwdKBgnFq2kafYPimYlA6ZdhHc5ex2mloz6zWCc2DoJnje_Nqe9nY-qIyroBNJYvTk___nqHJ3dRhq0Nd436o&google_hm=eS1tdzBnSVJORTJwSGlUczhMcUwyUzlyQk15akVPX1VKdn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 80F2
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIrqa8_7r11hsI4SPi1hX2s&google_cver=1&google_push=AaAOQGGlCob0bTT3EG5WFjQBeI8TrRsSeD8BJPquJux8sJP_LyRHdsm5ry2QGTgsD4UlYwdEL_FIHUXTCEthLDPZ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGlCob0bTT3EG5WFjQBeI8TrRsSeD8BJPquJux8sJP_LyRHdsm5ry2QGTgsD4UlYwdEL_FIHUXTCEthLDPZOGQr1QW0nVjN

170 B
330 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGlCob0bTT3EG5WFjQBeI8TrRsSeD8BJPquJux8sJP_LyRHdsm5ry2QGTgsD4UlYwdEL_FIHUXTCEthLDPZOGQr1QW0nVjN

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jul 2023 11:43:44 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGlCob0bTT3EG5WFjQBeI8TrRsSeD8BJPquJux8sJP_LyRHdsm5ry2QGTgsD4UlYwdEL_FIHUXTCEthLDPZOGQr1QW0nVjN
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: U5eR8qdk5tBh3wyCgG25DPBC0-7FXHSHTOJVtmpKvFm6jnIMnhuzlA==

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 80F2 0
45 B 179ms
25ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPgW7MMQLCV6qc9-SDBhBhQ&google_cver=1&google_push=AaAOQGEOpzcPOlAEwXP60aLLKXrTxrG3_LR1OhfCp4NI7XC_XD_8o7Vmli8SND6yoS1qkyYi4-GVUsuaZJSK5eKb4OyiXh9SdD7J
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 80F2
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKo7H85ZIYKL-3jgeQH9ZA8&google_cver=1&google_push=AaAOQGFrRB1-RgWrK...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKo7H85ZIYKL-3jgeQH9ZA8%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D&google_gid=CAESEKo7H85ZIYKL-3jgeQH9ZA8&google_cver=1&google_push=AaAOQGFrRB1-RgWrKQD8EScP-wES7MPt7t...

170 B
233 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D&google_gid=CAESEKo7H85ZIYKL-3jgeQH9ZA8&google_cver=1&google_push=AaAOQGFrRB1-RgWrKQD8EScP-wES7MPt7t_KsTzjoDGfWdz12rg8CIa1vSwZwTPv4XIuYLMH3qCQQLLNOWgiyHEZ362a4rGDhReKhg

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 06 Jul 2023 11:43:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 21af9997-12d6-4356-9b82-2a6fd3785845
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D&google_gid=CAESEKo7H85ZIYKL-3jgeQH9ZA8&google_cver=1&google_push=AaAOQGFrRB1-RgWrKQD8EScP-wES7MPt7t_KsTzjoDGfWdz12rg8CIa1vSwZwTPv4XIuYLMH3qCQQLLNOWgiyHEZ362a4rGDhReKhg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 80F2 0
131 B 58ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LnV7BZcH2_yqtLi1WI3kVZvo8FR9QH2puReKM4rUiGNl0ggboxERjsWluyOgz86t8dwHBg3g

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 981122423314429 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/981122423314429?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

063c913b0fa5cc93ef434215316d4473aa2e026295f03e9cac687186252ef751

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UvLlql0IGd/X0kSpl6iKjK2UVw4Zcbm0A05eyWCUaLKn/KnwXkiW2JIF9k7KxDI7WPuTJ1KUVhU1UxA6aYpZuQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame BEC7 114 KB
14 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 693038
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNfnPS1rOEVkMlnzXXmCEUkJgh%2BD58Yf%2Fdx%2Ff3Fe202kv6a%2FRpAAkcpB0lhgjaKHSvyMfKGuYpzaavGrrDOFdSaON%2BfCss%2BN6MdDHwPkHics%2F13oM00cozE%2F9ozDKkfBZ2SJsVg6at4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e279781fca791e3-FRA
expires: Thu, 06 Jul 2023 12:43:44 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame BEC7 25 KB
10 KB 28ms
18ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 578259
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrqtoBx0xwBtCPjKWGhV1xKH%2FbhmW3yTFH6TgiughOb4magQOtAB43%2Bo31pMIttn0J4%2BfjU%2FBbeV%2B6lm2UVo5v%2Fsyzhfi1qF3KiamDAikY6bw678bsHQ1sFDoxv5MUkmHEs0Qh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e2797820cbb91e3-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 13:46:21 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame A406 0
177 B 177ms
146ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 06 Jul 2023 11:43:45 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2125 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 665162
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e2797823ccc1cb5-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 06 Jul 2023 11:43:45 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in7G3PCEBRkkQmddpPVA3oGNWYd8RngiOtyZvhxAoUMauzNT8hWkhU%2FouCySIg4kpB3ASBplvKbAE34a0CjP9xYEYMgn7Mjfjx0iUu1XuQ3P%2BxPa49JbIysF3dmcSC%2F4joDVs%2FI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 636091274641533 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 136ms
136ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/636091274641533?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba17f68d06d3e8eff6b73022cc07ba20e5d9029203f38f7835bcbbf2588f50ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: R/HhJG2afz4PdHkPU8UMm/nbfjLHsaXV0jnYx9DneB5i4Um7PvYnUIH+EgCpbgW+DlNYLUpB8h1GK4kXBYT8tA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
32ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e2797827caa2c3d-FRA
content-length: 24
content-type: text/plain
date: Thu, 06 Jul 2023 11:43:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKDNT08voonVHBmivQJvc%2BeJUh8kEMOarQepvkMe98k29To0B%2Bh2flvgxWf2InaMt4ybTTwmY09e%2FCUxI44c0fbVJyt%2BBMzNA9b6x1mF5UOdb5DjORNfDSoE4Z5WakDPw8gCGTw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tp53

POST
H3 200 rs Show response
ad4m.at/ Frame BEC7 2 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acaca852a0596d74e66800358e4de1329b18fbd68eebc10850598760214a35a5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlQTQ7LI52WbYgDpzJX7AvQcbzRrkotXh2%2FqYndqj5popgFrNpfvIa8jwPQO1BWOOPfy1dla0Gc27fdjRXy3HmuWJswuvbaONETU4T7YmIEyK0MY6Zg%2F5o1VuLkILghWUZK5frA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e279782bd012c3d-FRA
x-backend-server: aa-reachservice-group-europe-west1-tp53
alt-svc: h3=":443"; ma=86400

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9C41 11 KB
4 KB 35ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a6b14f3a16d37496558d2ac246e0be9d0239301fb0c5bb67b84e443f6d2f34

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e279782fe171cb5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 9C41 114 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 693039
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Biu1XbRoKsErodQkl4Gdas%2BB5M8SbZ47SJOimfJ0wI90GQVbduYxQTS88WujBrn07eT5NKWYcskJLJjkbjjzE0l2Ez6pTYtepjiw%2FwBEJZGQbApTBgGWK5hYin8NXi9ImSXPvpvfls%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2797833e731cb5-FRA
expires: Thu, 06 Jul 2023 12:43:45 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 9C41 5 KB
5 KB 30ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1960040
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y07a7nhyqTW8ExdegaTtNcJipcrrVb9Gvflqpy74W213nc09GjOgi5YdZ1N77e%2BetSU9ZaKJU2uBzP7Dh2EbT%2BrPFFr6Y6r%2B79JpLgehvCzAat9Em%2BTolgC%2FFDkTBi5baP6Z%2BDoqu9o4pbza"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2797834eae91e3-FRA
expires: Fri, 07 Jul 2023 11:43:45 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 9C41 54 KB
55 KB 39ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1058780
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkn%2FtAzNS2dp7zOuuDfPMVpsBAYMuLM35y68RGGRRnKzxbW%2Fpcj66xQiPc%2FYUESMzgNdi%2FEEuZZ%2B%2FZI5rsyYMLZH4zRUuvp8rEj3aI0%2F3dNhv4%2FOAMWjQzfynjWBlhoQT1qwyrSm%2FF7VpVfR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2797834eb091e3-FRA
expires: Fri, 07 Jul 2023 11:43:45 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9C41 2 KB
3 KB 38ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2390468
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRlZ%2FlfqbU3zDmNrla0tQz7Ih8h4s%2FGzrWK1e7nlaZNIBOJaaz3BRO7gJn48Pbl5KmeCxz%2BM6qvxVdLEO4z0%2FqJNsnevyTM7xwP6rOMYBGaaVSLNyYvDnbgdjBNw9mD40AsOvqt8BCQMXzFz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2797834eaf91e3-FRA
expires: Fri, 07 Jul 2023 11:43:45 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 9C41 253 KB
254 KB 29ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1172581
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuKe%2FGpJTD0vlDXUC0r75Fi2S%2FwZboc%2Bj1uBhF5hj5elVJJr55VrH7sSdOWL6yeRDUPgC%2Br9S1uSl4%2B29dxg73dT9Gvp7JUV3qWew5gP5PUbfvIw3skJAHk%2BzCV6MC8lxn%2BHr%2BEUWR1slOhl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2797834eab91e3-FRA
expires: Fri, 07 Jul 2023 11:43:45 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C41 43 B
704 B 215ms
139ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:43:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9C41 36 KB
36 KB 25ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627294
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDX2FoN3wePJIEPLb8jfTvOCJxZhx90TcI5U1NqaCMNGeCZ60ejxGRv4IGs6QGh3U6LQyda%2FGZRTctwPLSNvDsrp8pkwyj7v0MDQiJSHWVAhBczxvEHQZ1%2FWt2fm2TAG4nyRol2HOTT30TnH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2797834ead91e3-FRA
expires: Fri, 07 Jul 2023 11:43:45 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9C41 28 KB
28 KB 37ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2210833
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8xu4LGlPUkclAki%2FuvWTb1%2BTjifcinqSA%2FmnhgJr1CSatHShZXRuPEml9B3a6HjMnauGiT%2F2Kja0SqgD%2Fsdq2N5ImXBea9XYt6kfetQwN%2FNpY1QuvFuyykLlNHZsMFG1Eut9tGKT6EjNdV1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2797834eb191e3-FRA
expires: Fri, 07 Jul 2023 11:43:45 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C41 43 B
704 B 150ms
75ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:43:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 603827755051214 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 146ms
146ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/603827755051214?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65ae76bf94c8e61546b7cf9565f3aebe238d3f70e26b73776c119862fc99320f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GpgiQIefNzJ9smoJJ1/VLM6n3tQi/DoiPRra1uscYMDGPgXSpDzkpsHUDYp7BGrW6HuP2NU7BmBkfjFbRHxqSg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9C41 2 KB
2 KB 160ms
103ms Script
text/html 13.41.28.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwte5geh5ah7b4pz5s188jmjjtph1gxeb50nbp01pgapa84akengfssc303b8f49b7t61f12ykdr752fnys8z0v5d9sty4eme9s2w6ajjbbnsrbx37396csrnxk0j03xmev6d2s5vy7swfy2802ych3y9h1jg1wrdcke3qeenareh1b20m0p4sy8q25yvehx9phy6s2j9r034w8m1hh7qd4ad3vg4whgemd026ftawm3216p3dkvqask0kwrva9ep7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%252526client%25253Dca-pub-4894209870857905%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.28.186 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-28-186.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 65de491a93d7e43d2064d6e5c31282821c1b4192d7ae1dff475c23eb0648cb2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
last-modified: Thu, 06 Jul 2023 11:43:45 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 06 Jul 2023 11:44:45 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9C41 85 KB
31 KB 46ms
7ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwte5geh5ah7b4pz5s188jmjjtph1gxeb50nbp01pgapa84akengfssc303b8f49b7t61f12ykdr752fnys8z0v5d9sty4eme9s2w6ajjbbnsrbx37396csrnxk0j03xmev6d2s5vy7swfy2802ych3y9h1jg1wrdcke3qeenareh1b20m0p4sy8q25yvehx9phy6s2j9r034w8m1hh7qd4ad3vg4whgemd026ftawm3216p3dkvqask0kwrva9ep7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%252526client%25253Dca-pub-4894209870857905%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:41:10 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 82956
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 0r5qbicQI7E0PKmbunmhClN3ppszUn8HsdwemRKu4QxD6H0tOUS-Lg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 9C41 15 KB
15 KB 43ms
7ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1688644125&Signature=oMtjqvb94-b-gVKEOgITA0te4BP4SP4810DjurA31yHfFwQsNwTuNkWuqb7bQqPpsO5TRC7wCnP7CctlwBX5aGC3NymQ8oTri-y8ZAtZ1~hgFvTjiCxIcXjyzud48Q25arCq2jzn8GIXH614AaXiUCzRfs3CsBg4B5-h8ZcI0CN42oD0B8POIG2h0qHssrIza6qvvlwdks20iEdLOiSv1P2rY-pidVOib-BXX6yyNnEqoZ96O8Pw6fqa-~37wOBtMHExq1tNBTpxtujibsMU0uL1X2aq-LajuZ8dkJTz1OOTgYOQ7t9UTepauNyhHSqGzjncPPqEmPg3~ms-gtjyjA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 06 Jul 2023 05:02:59 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24047
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: nIV9bpwoQIU6mMUJGSm6PWDtUUbPHB6Mqs-nqK4tP066VtPIgUb7_Q==

GET
H3 200 790534505586497 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 133ms
133ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/790534505586497?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24629d426a75ea1c7d5ca2d5cf6337e29cea83899ba3e65b8f35a29637fc12d7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +VpzHefdzbV4rI49kI++JmQeEcqh2ezsUBY3Ebcq+2rkKplmua+zl+drZYXYiwlsHlHcCHNRxh2rNm3/5mwL9A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 19ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=finanzaspy.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 833ms
832ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3537348392657576&correlator=3387087040287532&eid=31072020%2C31075760%2C31075787%2C31075817&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=22526454507%2Cfinanzaspy.com%2CFinanzaspy_Content1_20230624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=4&adks=1925420202&sfv=1-0-40&ris=1&rcs=1&eri=1&cust_params=id_post_wp%3D2392%26utm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&sc=1&cookie=ID%3De289cb14f1576a06%3AT%3D1688643824%3ART%3D1688643824%3AS%3DALNI_MYrNjdD-bvHpzgKH3TZUW0yp0YtPw&gpic=UID%3D00000c639b908e14%3AT%3D1688643824%3ART%3D1688643824%3AS%3DALNI_Maq7u35oxWvLFJqekMRzJLcJO82cg&abxe=1&dt=1688643825522&lmt=1688577888&dlt=1688643822631&idt=1789&adxs=240&adys=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&frm=20&vis=1&psz=1120x0&msz=1120x0&fws=0&ohw=0&ga_vid=380639831.1688643824&ga_sid=1688643824&ga_hid=732917418&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY69eP2JIxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGL3Wj9iSMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lPVkZKWm5jck9WaFVjWEZSTVdsS05YRmxZa2hUVVQwOUluMD0Yv9qP2JIxSAASGQoKdWlkYXBpLmNvbRi-1o_YkjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJLZj9iSMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f79edb64baa11fa94dfdf305e744c7802757eb6b14aab61aaf47510872b40f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10999
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://finanzaspy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 185299934360235 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 137ms
136ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/185299934360235?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36959a9ee8744a0bfca75876588188c1bd4c509a6fe8a498c1c374ee7f8dd519

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: mv17oCwdifdl9OeV4EcqisNhTP1QrctlS/1VzKMNKNh2eUfcr6vnBMTkNVoO0ZTu++sBpMT918cFL4B9hGRH8A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js?bust=31075780

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb76b54e06d5b54e6284c8877432ff85673f8aebbde9cd69d5311d602275d072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53437
x-xss-protection: 0
server: cafe
etag: 7042070035490738438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:45 GMT

GET
H3 200 155336737200353 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 131ms
131ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/155336737200353?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16b8520a83989773d55c2b4a4d708f5e3c10e2e2ce5423702c0aaa84fa30e8c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9+V4HrQOTefKkyNZTFLwexaPo9uxmTR07cl0M0DrOWKQt4XkjVho/79RpjvXyF2p8DIlAh3071RSS/hXv/w6Hg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=finanzaspy.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/ Frame 4681 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 07:27:57 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 07:27:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 4681 4 KB
655 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 10:56:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:43:45 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/4929448376555896514/ Frame 4681 76 KB
76 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4929448376555896514/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6fc09a692b7e619b106aa886d76f19cfb92af7921b68f3f780b51450421277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 14:09:14 GMT
x-content-type-options: nosniff
age: 77671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77808
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 08:20:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jul 2024 14:09:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 4681 2 KB
973 B 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:15:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 4681 23 KB
9 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:14:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 4681 3 KB
1 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 11:32:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4837 1 KB
643 B 14ms
9ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Thu, 06 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 4681 20 KB
8 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:14:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4681 0
0 18ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStOKVsl0wugCfD7v-BnWZx1iJBtzSohr_JXhrNs3u5XJa9gpppUdx9t_FyDace5Hl-c5bDK6y4XD2rD-3WCJ-BRrI1jA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4681 179 KB
56 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:45 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 4681 33 KB
14 KB 174ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 19:38:10 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 80C1 222 KB
61 KB 157ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 66775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 80C1 15 KB
5 KB 168ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 69882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 80C1 94 KB
28 KB 169ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 69891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 80C1 5 KB
2 KB 171ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 69882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 80C1 40 KB
13 KB 172ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 69888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 80C1 6 KB
706 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 11:21:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:43:45 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 80C1 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 17:10:02 GMT
x-content-type-options: nosniff
server: cafe
age: 66823
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Thu, 06 Jul 2023 17:10:02 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 80C1 344 B
449 B 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 79715
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 06 Jul 2023 13:35:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 80C1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO0o_Z75O_O4otP4pSvaIkmF8nHcOZ-N03OnlK9F7HkLTMHn8GIGJcPy4Q2AU4pCjnJ0Ngha-2gmB7BsBrXSCjeb5w7Q
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 80C1 0
0 54ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQHII8KimZNytK-7rmLAPhpCSoAmzp4H_btOqkMmMEfKYrrrDOBABIKSdl48BYJXikIKgB6ABzsXcxSjIAQmpAs75TLsbNrI-4AIAqAMByAMKqgSHAk_QmTlTTre86AnTw89BFVmuVhLiqnLpLrxQKlUzuJZG9hnLAexvj-P7M-ZSfg95k-3URzmxiqQp2PWmnofy5yoxZyrESG3NvIu-oIwWZK690Nl6ZoRDqhySREZE13ZvFvrsNWWWRTv1piqrFl1qUbQU_e6AGMJbWsa7d9uhHkr8i16AolhlOMiIv1IEWxpHERqh0UIIZ3sXpIyvqlsIJ1nd60_sg50lV4JbLTA3JyeZe2chsJCHlyRAd1hv0Qs-Ix-hTdV3Go_QgL0Ya57ccQAvOpBz153gBERVyAhAaF-qkzrqNC6SkrmY5E17kB2E1unWou6457tWp0wYhF09Mz6alAZIwongwATrw5iysgTgBAGSBQQIBBgBkgUECAUYBKAGLoAHzv2spQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCutAPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBuBPkA9gTDIgUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi04NTE5NTY2NDAxODUxMjM2GNPafg&sigh=YHF1aKol7V4&uach_m=[UACH]&cid=CAQSPABygQiDQXaqhNO9tLEWG4N3Wh5c4ho6m8WgGmSIXsbsqgMVbadGSlfVrEVWUDVHwIcPWzQot6kVbuH53xgB&template_id=484
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/7989391614315001243/ Frame 80C1 38 KB
38 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7989391614315001243/2076313506083323656

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3349c61435c2c57938f47f0b58872045c669a21502920a98b2307a4464465fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:09:59 GMT
x-content-type-options: nosniff
age: 365626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38516
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 15:41:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jul 2024 06:09:59 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1693614039876342798/ Frame 80C1 1 KB
1 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1693614039876342798/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84707ce073612ad493a5c23bd5b5fedc2949d22336382ed550a1f7deb86e4872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:40:31 GMT
x-content-type-options: nosniff
age: 453794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1390
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 16:38:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 05:40:31 GMT

GET
DATA 200
OK truncated
/ Frame 80C1 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 80C1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a02a9b5dfde0a35493a2550fd1c1f71cb481f29ea53f4ee1a22e336d093aba29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80C1 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanzaspy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 412770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80C1 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanzaspy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 418732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:24:53 GMT

GET
DATA 200
OK truncated
/ Frame 4681 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fd17428544db19e8b2ff3951b612f09217a5ef45329586d97c510c6913ad3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4837 35 B
466 B 94ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHPG5dUXqu87XKEgJ-fncGw&google_cver=1&google_push=AaAOQGGCAFaUTopRSGw2nrwZjpLCdqRVPNdtrBIOYg-l3RArT49gUOfwFFTRjD2BvMvCv8-UjBTvBC9sKk4bIuNzcIBXa7ASzLBCc90

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4837
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBpdHhwTkQxUWhub0s1&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cver=1&google_push=AaAOQGGdfRErcT_I_lSQwqCskfK-T6q20vmq2cY04gXgT4r...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBpdHhwTkQxUWhub0s1&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cver=1&google_push=AaAOQGGdfRErcT_I_lSQwqCskfK-T6q20vmq2cY04gXgT4rJT2gxOJs5ef1kNpmIPMetD-ige47TnkthRTJcIyT9QaU_SpnCEilurBA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:43:45 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBpdHhwTkQxUWhub0s1&google_gid=CAESEA09fZzOBTYkU6JNmVOmUKA&google_cver=1&google_push=AaAOQGGdfRErcT_I_lSQwqCskfK-T6q20vmq2cY04gXgT4rJT2gxOJs5ef1kNpmIPMetD-ige47TnkthRTJcIyT9QaU_SpnCEilurBA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 4837 43 B
419 B 186ms
183ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKtixcDY_kJIpNEb88bBVqc&google_cver=1&google_push=AaAOQGE5-5fJivMNyaRgoZSK3TgR1lwrZgBZXT9C2T5Ybdb3uWMfpQzSfwXOKVOAMg-jkQ9lKYboD8BLtfDgm6jGyh4NGDLWmAj89Mc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE5-5fJivMNyaRgoZSK3TgR1lwrZgBZXT9C2T5Ybdb3uWMfpQzSfwXOKVOAMg-jkQ9lKYboD8BLtfDgm6jGyh4NGDLWmAj89Mc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e27978818cc9052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4837
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEZLQRhflzyaDTI2T6ddVs8&google_cver=1&google_push=AaAOQGHX7YgOU5mgiDdmq_nSoiq23t-UfXAaC7eR9V0brjOu19GvndRmcvyJNBTg_aLaXPujTIb0N8SLaFkaep...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MjY3MDAwNzI2MjY0MDI3MA%3D%3D&google_push=AaAOQGHX7YgOU5mgiDdmq_nSoiq23t-UfXAaC7eR9V0brjOu19GvndRmcvyJNBTg_aLaXPujTIb0N8SLaFkaeptDsb...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MjY3MDAwNzI2MjY0MDI3MA%3D%3D&google_push=AaAOQGHX7YgOU5mgiDdmq_nSoiq23t-UfXAaC7eR9V0brjOu19GvndRmcvyJNBTg_aLaXPujTIb0N8SLaFkaeptDsbmopoyXOCYwyuk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MjY3MDAwNzI2MjY0MDI3MA%3D%3D&google_push=AaAOQGHX7YgOU5mgiDdmq_nSoiq23t-UfXAaC7eR9V0brjOu19GvndRmcvyJNBTg_aLaXPujTIb0N8SLaFkaeptDsbmopoyXOCYwyuk
Date: Thu, 06 Jul 2023 11:43:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4837
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED2IR9rzmemJJAtdCMdHM5g&google_cver=1&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGm...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED2IR9rzmemJJAtdCMdHM5g&google_cver=1&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHo...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGmUkdnlwM4

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGmUkdnlwM4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGzQtqKitw9cYbbtQd6RAw7RzkT0XpA03v8TCf2YSmcGTJat5sc0s4IPgUHGnALnqDVaCUEmzjc-Jh1x4OinUnHoGmUkdnlwM4
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4837
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-ABsR5CvY5cjtaMG9h1kLffCKOQLUfEmv-ZysvQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

16ms
16ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 111458
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 4837
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEN4njK2I_Qc...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGGnThi61S22znrS5nRF-rJhg7Z8GpiSkB9fnH3Qc48FALQpfrjLE2UyVANlVWUctOvUrZ_OvV0fPdJTOP6INs99Ueg8D0hkPRo
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

37ms
37ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 06 Jul 2023 11:43:46 GMT
pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4837 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iq1giOU6j2C2Ru-jhNkl07XufzzFKywnbmLsrWgucM3s23xd0BKXHLqtKoQ7gvsLlV7VZatg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 761765835504492 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 127ms
126ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/761765835504492?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67e1dcbe0ff21e8ff9de35bcce5f4c69a517064154e83e0f1b8c582344d71478

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ttt8GbcTydR6l0z7MsaoQ8KU5gYvaHpYBeBzqJOVE/NtceXkawRz5dF4y2nVRII71HqZy/VHb6KdObya/Wf9yg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4681 0
19 B 52ms
52ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc1_v8KimZKf0JtrVtwfH16f4D_-H7ZBw6veehe0Rrs3d1cUBEAEgpauPlgFgleKQgqAHoAGZlr7FKcgBCakCTPfOg6A3sj6oAwHIA8sEqgTuAU_Qk3-3r2tcVo9CyK0YB46K1Vc5p5kXMBoQICjyZORT68PcWTF_0MII5x8qrwUaPq4gHU1eu6h0-1u0JN7NC3jjNOJQ6NFemDkZHdjmUZrdzuLeCIDJeam2xMdICpFaG9WLU2kCazroAJ3ohozDf7vJaqrwKuIPhnZhLj-CfsT6-eLIc8hKE3-tkZXNDCuUDw0DLRdyy0Bop52Q7l2xE6PlkiTpC005xY23cvD--Mut0akug3S59WrYRBC3I4PbChteRb8xDQuYPlmK6um2snbDd94HCIcDzazHKU8thRtWNDLwjdZZ-QjEuI1QAqnABKPdraW9BJIFBAgEGAGSBQQIBRgEoAYugAeZzo6lBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIamBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTkwNjA3ODA0MjE3MjEzMzMYAA&sigh=PhZ0Oa-1djE&uach_m=[UACH]&cid=CAQSKQBygQiDzy6M_QoZseK_HLkK1HKCfT-Gtm1AopggpT9ACaxZ68K-lDTJGAE&template_id=484&cbvp=2&vis=1

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 251E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:46:38 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9C41 16 B
210 B 63ms
62ms Fetch
application/json 13.40.20.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.40.20.169 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-40-20-169.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 78ms
20ms Preflight 13.40.20.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.20.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 06 Jul 2023 11:43:46 GMT
server: nginx

GET
H3 200 1924582474564165 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 137ms
136ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1924582474564165?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92acef203b18ea8d16f39ad1387ff524243435e7ac4d8aef0985bfba467ab76b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: duLrV9t/e58hpmQr0Zxd9vqk0YwkDq8Y60hadM5dpwEypsQ3tCnCnuKRjmLOyptFcJb5LKnFQ+MkNPJrNfOPCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 container.html Show response
b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 77EE 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:44 GMT
expires: Fri, 05 Jul 2024 11:43:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 89BD 624 B
242 B 48ms
46ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_sGa7QEwAQ&v=APEucNVF664w4GrvzsDok0bOMxcMcuXIUAb3uEqTwUnN5uH2OQqiQA-5G8WKwNDXL96qjtO-VxfMBGkKyfSwxOoC3DAs_ferYyzjygQxkt7Dp3AAZM15yRXnsKForgxYvaCj76KwIkHbrTHrJ3gN-ppYzio_ZGx-ibFWOODoh0OC3T7a9Z38X4U

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 77EE 78 KB
27 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77EE 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZkSneCWV-Aidq5i2Oxc98xTUBThDKelLNLASBhGd0Xs51NE8UjB-y6woFt6OLwsT6pfSRI9pbOibimS-TMRZo1M-z9zuh4ZqXn-8Uz4341j97Quk

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77EE 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7986416437829659917&x=1&ct=76

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 77EE 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:13:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 77EE 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:14:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 77EE 0
0 16ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUOi7I4JlvbdVRXCkYYtl-ojcKtChTLxzPbVPsx4yhryRcZhdIxGVd4H45vqfd9_6tkPNi5pxRR-Q3I27IErGf9xG9MA
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77EE 179 KB
56 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:46 GMT

GET
H3 200 9038410082867569 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 147ms
146ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/9038410082867569?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46baa2a6f37fa5c72a78c3f0db33d5a626985b4f9ce5fb1d5ba9bd8360c1b307

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: /EkSSMO66WVtfU4vAG9xfKqGmU6nngPLkFW3ReST5sOMdiAyIbYEpuUfRXiPkote5mu2CHyQKw9AP0RuQAK+jw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 89BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1&C=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_sGa7QEwAQ&v=APEucNVF664w4GrvzsDok0bOMxcMcuXIUAb3uEqTwUnN5uH2OQqiQA-5G8WKwNDXL96qjtO-VxfMBGkKyfSwxOoC3DAs_ferYyzjygQxkt7Dp3AAZM15yRXnsKForgxYvaCj76KwIkHbrTHrJ3gN-ppYzio_ZGx-ibFWOODoh0OC3T7a9Z38X4U
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:43:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:43:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 89BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKao8p-ctnlOQB7yMOCAywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_sGa7QEwAQ&v=APEucNVF664w4GrvzsDok0bOMxcMcuXIUAb3uEqTwUnN5uH2OQqiQA-5G8WKwNDXL96qjtO-VxfMBGkKyfSwxOoC3DAs_ferYyzjygQxkt7Dp3AAZM15yRXnsKForgxYvaCj76KwIkHbrTHrJ3gN-ppYzio_ZGx-ibFWOODoh0OC3T7a9Z38X4U
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:43:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOL2sseh9JAfgR-c2LznY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 89BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_T_dG9rx6WkwLO3hrDuxA&google_cver=1

43 B
839 B

17ms
13ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF_T_dG9rx6WkwLO3hrDuxA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_sGa7QEwAQ&v=APEucNVF664w4GrvzsDok0bOMxcMcuXIUAb3uEqTwUnN5uH2OQqiQA-5G8WKwNDXL96qjtO-VxfMBGkKyfSwxOoC3DAs_ferYyzjygQxkt7Dp3AAZM15yRXnsKForgxYvaCj76KwIkHbrTHrJ3gN-ppYzio_ZGx-ibFWOODoh0OC3T7a9Z38X4U

Protocol

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
an-x-request-uuid: 2358308c-6afb-4559-b2e4-c4bc92dab989
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF_T_dG9rx6WkwLO3hrDuxA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
an-x-request-uuid: 6846b275-7174-4f81-bcea-734750c7770b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTM4MTg1MDI4MDQ2OTMwOA%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77EE 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=18891927276&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77EE 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=18891927276&version=m202301230201&ct=76&x=1&cor=7986416437829660000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 77EE 104 KB
40 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR5hiQuzlBB9Yocn36D7fNMWGO6kkjJ_4RGa2Xf7ESzLr5NjLVG6OkwUoiK6XjbTvhGCkkeDY2xUFYfgeAyUS7QE9YC8RcPStXGr89aIe3cheffuoH2pw6OsBsK6UlRSpMm9SjsiluwM0IIJ7Q0SFb6BIwGqeCe6jU2mhnzT-823Tgr-w&dbm_d=AKAmf-DdCsk85WY834RpVcB0AXE-THfzKhdDhX11xtqZNhOx7zrBrb_LQroVfUqQBGTPvEvorsL1ySLy0e6uHvqu7KZWc-HCrGaS3srex5cYccRGXENSyCI2wc0CeVYgy9X3TqLtVPqayWFKfYl8iuCDgj6Z2CzsDghD9aIZhNQwi8vG_R0O9Du1JaNxVm28jqlvEavKrz0Vv5NiI3b5Ar0ZWe85iPnRKpTJOvX0hgpvLM-aA8wIvLgV1Dq8uD6BpDNaXbO0sNMwS1v5LXVHSP1YTvo7ydzG0HfV1YDZubiSZosFaSRDt-4sMByciTwu07t-jhmzazLz0zR21B_COKFqc79jcMuchNfwN9wCoz3B7dT1HhgWmoZaSzJmKVClo2Ni_ZX3-TKnHJhy4pwViPWtq7wKf3pLzfs4_qrk0VONuawOiEh1i4B95cb74PLOAUKG80r3EpU5y8kqU4se9kmmXqfq1NoO7ydc8tpebyj_8EaNADhNFAaQcEsI1n6q5UFvrVU-AqzBXwMnzq-Mg3LB4orJBbsZYtTiHWoQ0AdfDGVlQ_D7NEBoBQtRXJwi8Evl_V8G6VaiEci2Iu-30YwMqOLzonkDbM_fKH1QMRcKUVZuofRwluJAE1XhZ1Z2ApB1HwrSfia_FjLa4fXpiG6FSP82LpqTTE_2bXGdQVjh6prAhmxHu0YA6lPnxNy0YkyyW3PvW3itQ7YjIQ4J0etL9awS0vhrZ7uFWiNNmzQWXkCxyr-AK9_P5UEY6RyHzDQlY8m6aGvZfzpyHUAfTuaHOVB3TV0dk4q_bdDTpgGmYHKOn0bh3UQ_0EHfhjo0CrnVW6AgmJKyFN3FpkuycLdtdGikhPCB3ElbJ9rvoShkvD6XCw9xfi4rbU_jf5V1vk8FSljpuuuWO2nTFO-r50yRn-kHC00q9oRPjquxGq8MwFgtFTyqL5zn4AfmY9CMZwXXHTiS1dN2PYV8MD4nTDoiaG6BB4dfnQauE4MsyhqkFGiv2PuAwebkV3InaqiDOEabWc6d97EiEC-OwOzYDWkK0SMWavVU9AY9wkT3kPwsozbwg5eQQQaKpgtk3Y3eLKyvQ2oe1c6ZUdaGSnTliU2YMSUG2Y-VFdvrXJb47enNg5k1QyCdLWfDBrKYUmg4dFooXGY5ECAHeI_ZQodA1dKQHEIWol-tCym6YLe5WgBKXFMLDfUQHcQIfreYizaxaOWfFVQk3MNOvC6UFpx6yyZ4_BmMwtie3gicZ_LYYDImGfvShXL6mAi0esyoGpLQwEYau4xvYuZ-ib65-Znbdf8UaNKq44rQzhNkHb9FCQUHvVmdYZPfffN9LFmVrLGaG0iGMwR42QCRuKmgCmMY928l2wazOJQQ6Qy8n2yeGj2iCSccP8Tfq9H0ZMTQDginAb0qcQfX2cAJ3dK6cFGGARc_pCxYVonfiomgFIooaOphj64goq47V6_8h743qsXcq97uazfQ2S5xwGmID8vtcK9TOlEL-bFRwrOWGaPQOQqtZaJAq9PpGSnNDwjR7UF_DEkXwfxbjTh7FZ4rCY3U6XC28Zyceh2arAiyB86Cpl_vIpLHYfF76HFmuog7snaeBiUMp-NL7qqZrz9Uw-XWGduOHqN9hMpeHSCDJ7fYyhBTJI9ALWodfnZngp3OyA-MJD2xk6ylVUbWUn-PVedrfBVseaMMqKF8Aw-U-5yviH7nX9h7ZF2et7zvmwUZ5izI_yjNTkLwgH9nfSY60HOOsvGQ9mBN98C-v8Y4Q6vLHtAuFICtYZw1eeSwLUa89vwM589ugk5U3KgarldOP1HpbqInHLVLPrIv6eVci_amhDIyxdLERvIluEkC151A8LCMUn55ounb2W4Q8fwSntB-u9QNL4r2tGKphTU_QkxBTjhWaLhyfqfen6bIfCYvaFqkakAQf-s6TQG8zpp20WF9m-pa9CVWOIWjRW3-wXlurO8NV4M5r15qDlhczMX3l_3F0JW3DIIAKzXWob6oAWgqRjLTqm5AR__3jyudWIYC7mdSXHFi26swx01c-LfLnBn1URoGcbxuD4U9KaHUfIEzcsKra3bUa270OvF_Wi3W8hEpdarVXKYM0SAkg-1gUh16D3MQEWTK6fOkpmGrnFSZP7W2fCmrqLEl7XDDqM0BSAPdW0uBSXqKNjWxYFn-t2LLELV8-7tEx3vlsAzi-ib8fob-1cqziJvKR9lRcztMhNKxMssNxAcoXLqqOGyqU_-QbvUzL5SoVU78qZYJbxl-K3n8Ns5XvIOnK1_1_mVrEQt3tx9YTjBfS98XxlBC7FIzDV_WJsUqpn9Tod4TUWNNQhRBBLfoVaCOxkhnFtHAC1fzIu-pfQ_i_7biZAmY59t-j2yolDmRUwsiK12YA_NjeVT7agwEVhuKqu1RCyOeR20-GtmjppSvunZWQq_eHbBvpt15DMdK0pOEt9flOhd_Yr3qAkDryfv7oD94Z5BtXi-75nH9ctmwRoGP9IK-w7LB8sBjWxPINgPkGfHlr1XqvBWd6GnKQ4lXXpAGV4njgDD7IXjPkQ8CC8TUU3C8MX_IPICQzFmSQjwB3zGrH49fesY6VSJMvdNEyli8GVWBsarvdyPEVlWvi8dwWkMizcFykCRPt7DxXa8dBvUxdECiEcy1PjR1CH8RDoAlltgAmGRKYK_Do-eDKsJszmoCi2yg8mGC7kkHbRfh1VYpO6i567ZqPplrIt4--b49o79B6Tgs630V8L0IzafVqOQB3stYftJJx_OSCRtsT7JXMHe4-q45vIlDk018WF27GKFqpuMPUco5pLx6eBHNpkykU09HWZUCRGyE-69RUdZKtOs1frhr8LPUj4LQs2x0TVQQRFHgZRWNnYCX4izoXXd_KesxeeQ8i9gkqhYuP9puuyI9991t6fSO2JsmyQ9HYozzucx3BXP-82GNgGlcbTTzWvh4OyYwAc_nKUaxzWsDpRBXiPg5Ft2XquC_w2nBx5abHM7UEBJQ8JG5mmV1iS5zAG7ofUyRJXMCxbKRJjcnioBKI6pwfhy28U4SqvpWYNGwa-aMP5DOvPtnYEbim3fEhDlshFam5U4abnKXqOhuuSuc5s5dwugZ5CdKFpKgDrSq69AZXEgIfovuwvYlMgzsucnlXYlIr3rBgMpLRVV5UAd_52E1UBxNUU2Oaodw8aG_rRDcNYNf-41t970Ki6fpAfHPtk5f4Y9jAq0a0Kbyzo8qEyYL2R_cmwZaSbVJz7GcHhyY4mLf3Z_CgStU96dkEEk-ipIclNfk6820Ay5s67iSKp8eB6vyv9lUkmUJotpHJ38Qb8lklI7F9_cWxSy-BV51U-7R54Y0rm2K-NlxkZxAr1J-bGSUjqNocmqjMIUedWFUcNdL8rx7EEkM9WmseagVLNweWsdqwUjhfZVTxCWKVmCIOaEwE3y515ojJkNjjVhuECcSd6X61Ry3XRxCu14o3qTHQS7-T2oYaNclQPoGox-8HB54eC7e_rslrBu6Fxv0VhN9QXeF6U35iVqwSVV6gqRSh0wy9IZRXm_5KPcG2SAjhfVqM9O8nkuNCZM-ZCzoMaOeuhF-JMFVW6JZOWraWxttNwIOSSvf&cid=CAQSPABygQiDM9Rv0EVvdbJXB3Wg4gh_rWcqgTssx9IR01eclIrQXBfY0SNfXWsvVHq38f9-UHVKngX_MKpKaBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffinanzaspy.com%2F&ds=l&xdt=1&iif=1&cor=7986416437829660000&adk=2857193498&idt=90&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

988be2b727eb388bf5232cd03f2bcb4a2b53950480e286e022a999ad9a4eba24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1512463/71854823/ Frame 77EE 245 KB
74 KB 131ms
37ms Script
application/javascript 34.240.84.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1512463/71854823/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013433103&ias_pubId=pub-4894209870857905&ias_chanId=1&ias_placementId=20291930156&bidurl=https://finanzaspy.com/e-caixa-tem-app-melhor/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0j0rYNyIYB5Oii3tM7oVLrf
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.84.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-84-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 20bed5a478617a324d3e618e018279c565790a2f321056fdf1e6d09e89ba41d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 77EE 111 KB
39 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Origin: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 10:17:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame 77EE 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR5hiQuzlBB9Yocn36D7fNMWGO6kkjJ_4RGa2Xf7ESzLr5NjLVG6OkwUoiK6XjbTvhGCkkeDY2xUFYfgeAyUS7QE9YC8RcPStXGr89aIe3cheffuoH2pw6OsBsK6UlRSpMm9SjsiluwM0IIJ7Q0SFb6BIwGqeCe6jU2mhnzT-823Tgr-w&dbm_d=AKAmf-DdCsk85WY834RpVcB0AXE-THfzKhdDhX11xtqZNhOx7zrBrb_LQroVfUqQBGTPvEvorsL1ySLy0e6uHvqu7KZWc-HCrGaS3srex5cYccRGXENSyCI2wc0CeVYgy9X3TqLtVPqayWFKfYl8iuCDgj6Z2CzsDghD9aIZhNQwi8vG_R0O9Du1JaNxVm28jqlvEavKrz0Vv5NiI3b5Ar0ZWe85iPnRKpTJOvX0hgpvLM-aA8wIvLgV1Dq8uD6BpDNaXbO0sNMwS1v5LXVHSP1YTvo7ydzG0HfV1YDZubiSZosFaSRDt-4sMByciTwu07t-jhmzazLz0zR21B_COKFqc79jcMuchNfwN9wCoz3B7dT1HhgWmoZaSzJmKVClo2Ni_ZX3-TKnHJhy4pwViPWtq7wKf3pLzfs4_qrk0VONuawOiEh1i4B95cb74PLOAUKG80r3EpU5y8kqU4se9kmmXqfq1NoO7ydc8tpebyj_8EaNADhNFAaQcEsI1n6q5UFvrVU-AqzBXwMnzq-Mg3LB4orJBbsZYtTiHWoQ0AdfDGVlQ_D7NEBoBQtRXJwi8Evl_V8G6VaiEci2Iu-30YwMqOLzonkDbM_fKH1QMRcKUVZuofRwluJAE1XhZ1Z2ApB1HwrSfia_FjLa4fXpiG6FSP82LpqTTE_2bXGdQVjh6prAhmxHu0YA6lPnxNy0YkyyW3PvW3itQ7YjIQ4J0etL9awS0vhrZ7uFWiNNmzQWXkCxyr-AK9_P5UEY6RyHzDQlY8m6aGvZfzpyHUAfTuaHOVB3TV0dk4q_bdDTpgGmYHKOn0bh3UQ_0EHfhjo0CrnVW6AgmJKyFN3FpkuycLdtdGikhPCB3ElbJ9rvoShkvD6XCw9xfi4rbU_jf5V1vk8FSljpuuuWO2nTFO-r50yRn-kHC00q9oRPjquxGq8MwFgtFTyqL5zn4AfmY9CMZwXXHTiS1dN2PYV8MD4nTDoiaG6BB4dfnQauE4MsyhqkFGiv2PuAwebkV3InaqiDOEabWc6d97EiEC-OwOzYDWkK0SMWavVU9AY9wkT3kPwsozbwg5eQQQaKpgtk3Y3eLKyvQ2oe1c6ZUdaGSnTliU2YMSUG2Y-VFdvrXJb47enNg5k1QyCdLWfDBrKYUmg4dFooXGY5ECAHeI_ZQodA1dKQHEIWol-tCym6YLe5WgBKXFMLDfUQHcQIfreYizaxaOWfFVQk3MNOvC6UFpx6yyZ4_BmMwtie3gicZ_LYYDImGfvShXL6mAi0esyoGpLQwEYau4xvYuZ-ib65-Znbdf8UaNKq44rQzhNkHb9FCQUHvVmdYZPfffN9LFmVrLGaG0iGMwR42QCRuKmgCmMY928l2wazOJQQ6Qy8n2yeGj2iCSccP8Tfq9H0ZMTQDginAb0qcQfX2cAJ3dK6cFGGARc_pCxYVonfiomgFIooaOphj64goq47V6_8h743qsXcq97uazfQ2S5xwGmID8vtcK9TOlEL-bFRwrOWGaPQOQqtZaJAq9PpGSnNDwjR7UF_DEkXwfxbjTh7FZ4rCY3U6XC28Zyceh2arAiyB86Cpl_vIpLHYfF76HFmuog7snaeBiUMp-NL7qqZrz9Uw-XWGduOHqN9hMpeHSCDJ7fYyhBTJI9ALWodfnZngp3OyA-MJD2xk6ylVUbWUn-PVedrfBVseaMMqKF8Aw-U-5yviH7nX9h7ZF2et7zvmwUZ5izI_yjNTkLwgH9nfSY60HOOsvGQ9mBN98C-v8Y4Q6vLHtAuFICtYZw1eeSwLUa89vwM589ugk5U3KgarldOP1HpbqInHLVLPrIv6eVci_amhDIyxdLERvIluEkC151A8LCMUn55ounb2W4Q8fwSntB-u9QNL4r2tGKphTU_QkxBTjhWaLhyfqfen6bIfCYvaFqkakAQf-s6TQG8zpp20WF9m-pa9CVWOIWjRW3-wXlurO8NV4M5r15qDlhczMX3l_3F0JW3DIIAKzXWob6oAWgqRjLTqm5AR__3jyudWIYC7mdSXHFi26swx01c-LfLnBn1URoGcbxuD4U9KaHUfIEzcsKra3bUa270OvF_Wi3W8hEpdarVXKYM0SAkg-1gUh16D3MQEWTK6fOkpmGrnFSZP7W2fCmrqLEl7XDDqM0BSAPdW0uBSXqKNjWxYFn-t2LLELV8-7tEx3vlsAzi-ib8fob-1cqziJvKR9lRcztMhNKxMssNxAcoXLqqOGyqU_-QbvUzL5SoVU78qZYJbxl-K3n8Ns5XvIOnK1_1_mVrEQt3tx9YTjBfS98XxlBC7FIzDV_WJsUqpn9Tod4TUWNNQhRBBLfoVaCOxkhnFtHAC1fzIu-pfQ_i_7biZAmY59t-j2yolDmRUwsiK12YA_NjeVT7agwEVhuKqu1RCyOeR20-GtmjppSvunZWQq_eHbBvpt15DMdK0pOEt9flOhd_Yr3qAkDryfv7oD94Z5BtXi-75nH9ctmwRoGP9IK-w7LB8sBjWxPINgPkGfHlr1XqvBWd6GnKQ4lXXpAGV4njgDD7IXjPkQ8CC8TUU3C8MX_IPICQzFmSQjwB3zGrH49fesY6VSJMvdNEyli8GVWBsarvdyPEVlWvi8dwWkMizcFykCRPt7DxXa8dBvUxdECiEcy1PjR1CH8RDoAlltgAmGRKYK_Do-eDKsJszmoCi2yg8mGC7kkHbRfh1VYpO6i567ZqPplrIt4--b49o79B6Tgs630V8L0IzafVqOQB3stYftJJx_OSCRtsT7JXMHe4-q45vIlDk018WF27GKFqpuMPUco5pLx6eBHNpkykU09HWZUCRGyE-69RUdZKtOs1frhr8LPUj4LQs2x0TVQQRFHgZRWNnYCX4izoXXd_KesxeeQ8i9gkqhYuP9puuyI9991t6fSO2JsmyQ9HYozzucx3BXP-82GNgGlcbTTzWvh4OyYwAc_nKUaxzWsDpRBXiPg5Ft2XquC_w2nBx5abHM7UEBJQ8JG5mmV1iS5zAG7ofUyRJXMCxbKRJjcnioBKI6pwfhy28U4SqvpWYNGwa-aMP5DOvPtnYEbim3fEhDlshFam5U4abnKXqOhuuSuc5s5dwugZ5CdKFpKgDrSq69AZXEgIfovuwvYlMgzsucnlXYlIr3rBgMpLRVV5UAd_52E1UBxNUU2Oaodw8aG_rRDcNYNf-41t970Ki6fpAfHPtk5f4Y9jAq0a0Kbyzo8qEyYL2R_cmwZaSbVJz7GcHhyY4mLf3Z_CgStU96dkEEk-ipIclNfk6820Ay5s67iSKp8eB6vyv9lUkmUJotpHJ38Qb8lklI7F9_cWxSy-BV51U-7R54Y0rm2K-NlxkZxAr1J-bGSUjqNocmqjMIUedWFUcNdL8rx7EEkM9WmseagVLNweWsdqwUjhfZVTxCWKVmCIOaEwE3y515ojJkNjjVhuECcSd6X61Ry3XRxCu14o3qTHQS7-T2oYaNclQPoGox-8HB54eC7e_rslrBu6Fxv0VhN9QXeF6U35iVqwSVV6gqRSh0wy9IZRXm_5KPcG2SAjhfVqM9O8nkuNCZM-ZCzoMaOeuhF-JMFVW6JZOWraWxttNwIOSSvf&cid=CAQSPABygQiDM9Rv0EVvdbJXB3Wg4gh_rWcqgTssx9IR01eclIrQXBfY0SNfXWsvVHq38f9-UHVKngX_MKpKaBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffinanzaspy.com%2F&ds=l&xdt=1&iif=1&cor=7986416437829660000&adk=2857193498&idt=90&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:23:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 77EE 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:23:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 77EE 41 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 07:09:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA54 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Thu, 06 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 77EE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e59dd6466f840e49e6b2bd3c030eae6f3f78b3e141e5e66dad181c7e3c73b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 66BB 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 102793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 07:10:33 GMT
expires: Thu, 04 Jul 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AA54
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKr0ziAZ4k9LUehxv4WAH-o&google_cver=1&google_push=AaAOQGENV22FLzXZsZbxxiR2M4Rh4di5eOmUZrRga5TKTXWdINgFE-QUwN4nAZd_FDQQ3EMfpHGf5n9i07pAtrOEjipk8KH93y3R
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE3NzI3NzE4NDg5NDg2NTA3OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKr0ziAZ4k9LUehxv4WAH-o&google_cver=1

43 B
398 B

64ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKr0ziAZ4k9LUehxv4WAH-o&google_cver=1
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKr0ziAZ4k9LUehxv4WAH-o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AA54 70 B
265 B 31ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEO368eePSJrWyXePguq-kOQ&google_cver=1&google_push=AaAOQGHilh9-z5sDtnMRtUeEdb_Kg2oSu5ad3tzwdv3bP2tFN_iMUaNKIZ9Cs6T1pWmnKOP20AZa32E9kJHvoqYzQuRf6BxBX1bX
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame AA54 0
174 B 48ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAfER07W5twgp0I7lMNuTpQ&google_cver=1&google_push=AaAOQGE3xos2JXy-_Fne7Y1oWygGPsbeBtA7RAa7urC67QKYCHu-2w0N22FABcXREEUSxDXtnxgtCEBsr5ea6MVhBBdedb7m5Ols
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA54
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED2IR9rzmemJJAtdCMdHM5g&google_cver=1&google_push=AaAOQGFanvJ9Mbcg_0UOF-ZvAejnS-X_BVgOi5E-GcLzkkgu6Q39MxiSooWUslBORIBhdPoqex31i4sAUEoIGHPfhV8AIAf...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFanvJ9Mbcg_0UOF-ZvAejnS-X_BVgOi5E-GcLzkkgu6Q39MxiSooWUslBORIBhdPoqex31i4sAUEoIGHPfhV8AIAfvSXrD

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFanvJ9Mbcg_0UOF-ZvAejnS-X_BVgOi5E-GcLzkkgu6Q39MxiSooWUslBORIBhdPoqex31i4sAUEoIGHPfhV8AIAfvSXrD

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFanvJ9Mbcg_0UOF-ZvAejnS-X_BVgOi5E-GcLzkkgu6Q39MxiSooWUslBORIBhdPoqex31i4sAUEoIGHPfhV8AIAfvSXrD
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame AA54 0
44 B 26ms
25ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPgW7MMQLCV6qc9-SDBhBhQ&google_cver=1&google_push=AaAOQGGLc-YFpwM-M_1j1QRIEgf_ciMe6Lt-rU1szHeQYPKObc75kIQ0fomJvbCGoTVu5WK2ybyBybs-__Ru5rgwyhPUVQdGuS9p
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame AA54 0
126 B 62ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDyqJZu14PAY7-eK5xXB7bg&google_cver=1&google_push=AaAOQGFdzjBSqmRwHUqmdMb7WQUDErDWxK_cVKKbpeCCT_7E0u3i3tgv2mhUe7MB-mvwBXCsdJfTtGk4R-5efjXKSe965MO9dzXf

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame AA54
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELnekx6CFOJBuB_lEQoKT0s&google_cver=1&google_push=AaAOQGFSzNQtR3onrWDuEkrRNbicnY3Bk8QnBSx7PRLsSWQbnuCUMskAQQY09CNUdDacRZxfpqOtIgqsOXx...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFSzNQtR3onrWDuEkrRNbicnY3Bk8QnBSx7PRLsSWQbnuCUMskAQQY09CNUdDacRZxfpqOtIgqsOXxNwsBlqYN831hwQo8WJw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AA54 0
12 B 17ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lch0yOJwP1nPkAJwSybgyotqtcoNWmRfZXhDsBbaENwLTqjXk_yR7Y45Lx3OWdxfzd92edXlQ

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14668211440419877954/ Frame 5C65 4 KB
1 KB 22ms
7ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70758ae845a438582f3f172eb663b5ecbc5e21fb5ee5e1870d3c46cb9b31db91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 159920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1300
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 15:18:26 GMT
expires: Wed, 03 Jul 2024 15:18:26 GMT
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 77EE 0
0 90ms
51ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmM2RdxkpMT6qkdZ6VJUTeHZhuMTgTjDDRMvF91UEeeKBM07ZqrMukgegQvfbTun92HiDwDDcDo2Fy9ZR1q8p8jEUGusicxaYculfBa09R_e6B3iZb_pNVkRu0is71MaKTUT6aGLO6gDaF2ltoXphPy_ig5y9yeHeDuYi8pZU2qDLSajd9eyNbkOVtMt8OBjGj1yGYeTKCaJFs_5IsjwltBjy8A_QlCZ3tX2nRre__VDoESph4_y8NTSK695_a4Tq-_t0mDWN4mLucM9YkC9_oqAuqabLLhDrPOsrKH7nxKoKGiWR9yTclteIZNmLNrmNbV_RisfoaDy6VRUDJ7w7iJiN22L3L3cuhV94FnD0ecy1tdQY-DaLEI-FB1_nZLCCemkJg1YGyExMsb5Bu0b6m9pcphK-6sU2nHak5iREj6lZAcJxP28O9tugpVlphk-1ggL1fCm3bbTkPCX8LUTfAGYQHeVtaC-VAKdjaX5KYszrlmnMgiFUZPHV8gxeTvYfPmXmlbP8FUhPJ4FSlxOrUYAea9w3oc4o86TM6FlDCLC6c9gq3D5JY5CmgDRZsiNO2iCXJ8-_8dHeJ-4h6QXVQ6kDmSULFypw2PErgxcaiB-p3n7eFuC-XvCzCTyKGH2dcYBvdCevAn-NJJSqL6ZH_hUJom8Dx7mDSg_VFlfAz66hXyHQkF50MeKr1Xh1SD-f1xDSJqsUP4vF8HwliG8emPegNLYLEC6ph_mX5WfHDs6KTs3xyHxx1hBIep98dGXz0_ZISwl7mft3t_P-G498PsqbysnECzhdSPriEy8_oBQ7M7GdlofgX-sQ1ALuqv2wu8Yx2_ptEX4oURKh7fKBNPQAgZHDMQuaMGspG3hPUn19l0e3QlW4Hv84hck3pQ5UI6MgSqfV-XFKERTc4tJjCzQK0RE2ySD92E8E7bfVFijD104dkbS3Zf0Y50nxl8MQqAv3-OjHeJhgZnbYeqkYMJ25ECzLRAF3HSV3MpsgGawxFf8K3fY6iE98jsi11NJjgPA4G3CSS3EKRzeb1UHY-KMisreatDnjeORcXByAevssLcfBpgaXmd6atdH_BjxxXAEknMBqjlvsYcu141bTJPjf5lz38rzXXH7gHqMgo5g0StH4wzCo6iCUc8LQ9a9uFDA1AXf421iXnALR4WH110H_a4OTJeSluxGWznfX2hREX3qP72mjV0vtmYFdEPvL4lpUFykFR-nXTXVhNC8kPJTiagM3G6z8neSVfCT86wDLvNcDTCGEyyr9-TTOMmO4IfzL0uyc-VlR40kI0F9fH8hMJsuyR8xRx&sai=AMfl-YT0BWI-7fmfaCvLyyux3jN-ILxhpCrpSGDtbbxATs1j7T5_P19oW0E24SK9ExrNH2vsosIXJ0jj4ccGhS7-N_5L7TduE-Xk_vNMEEA2ioWnbWxBzMVGKWifucZBG_M0qGu9twhKvw8HPCQReR0CxPw3UU6QY4ecvf-rtsLcvLoDNM8yewZY8H92-e-ogWo8cslGIBY8vErbriYn3lDQSiwwhiP3r7zhP65ES_QhCRcUfzi90YiWiKSjou0e3EX2POhTf2LAP9woDQ2dnSjwB7rPn1-WPI0&sig=Cg0ArKJSzLJgg51fkGx5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=74&cbvp=1&cstd=70&cisv=r20230628.47692&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:43:46 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 66BB 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:46:38 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/ Frame 5C65 2 KB
498 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33d3970ff8bc037453b42c2b9de20593a8b1d8eab9ec2fcd020306fb48b2fd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame 5C65 113 KB
33 KB 32ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5421822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33534
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c274"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZn4DRgytvaYriJt1XIZfBaQBgYAOIzSBwkiDGtpSNE%2F2WMsB4z%2FAm6UcT1maFBD2MCgAAAOAVsUtNQ6MAhm8XfoAYYueS2qi2OmZjqpwE5UE%2BpYxPPb9zltGbkzX8tdBZvqao4L7HBxBVxFcWKogV2Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e27978d4b799b94-FRA
expires: Tue, 25 Jun 2024 11:43:46 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/14668211440419877954/javascripts/ Frame 5C65 2 KB
791 B 9ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b02f1488cd7ed5e748c3580e56482d11e8409d389263ac1b12c0496d34cb1556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 762
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H3 200 1525308264668141 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 129ms
128ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1525308264668141?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b20da4706959ccea99f18f20389f9ba18e6f08039972782c71d68b73ff13e0a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: l7nx6vxoef85/7DoZNL6Ket0/1E73CXzxr7G/bnDSLBLIMsY7xFtTKrYD+n6VS+DK3g3gE+rcr2PbrzPD8ED/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 logo02.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 9 KB
9 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/logo02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab43203ab1381240c7e3ed3d2df11ab5231a141265a1cff1d1ad600be194e1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H3 200 symbol.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/symbol.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96709a5a10bdb0093ac9d15ba2669f29cfed584e385fb83520288c635074df9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2514
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 34 KB
34 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca113179b840010e99d9c2381ca8b865ad7b5f018d3493de6b46aaf539a53985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:27:53 GMT
x-content-type-options: nosniff
age: 953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34627
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 11:27:53 GMT

GET
H3 200 push01.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 5 KB
5 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/push01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0891c4cc4b171b71a2f2ad24149aab060acec53cada13b72c03f02c9ae4cf904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H3 200 push01b.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 4 KB
4 KB 12ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/push01b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

180840af133e943cda493f147848edc4238a28ecbe86461a49b68e4f535776f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4349
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H3 200 name.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 5 KB
5 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/name.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a71bdfba456d6c08aefad89629b3cd7477aa1557f774ee465f0762f8511647a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5023
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 4 KB
4 KB 12ms
11ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1219b7d1b547b244a6fa261b2cd5fbdea7bd55095efadb2560a400828f1b45ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 04:00:36 GMT
x-content-type-options: nosniff
age: 27790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4162
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 04:00:36 GMT

GET
H3 404 legal.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 43 B
64 B 133ms
132ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 06 Jul 2023 11:43:46 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/14668211440419877954/images/ Frame 5C65 6 KB
6 KB 15ms
13ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14668211440419877954/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f920c7edaf3b1f00d7b5fdbbd4823adfb3c7823954867a0b119d04270394238d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14668211440419877954/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 15:18:26 GMT
x-content-type-options: nosniff
age: 159920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6015
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:28:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jul 2024 15:18:26 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 77EE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1512463/71854823/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013433103&ias_pubId=pub-4894209870857905&ias_chanId=1&ias_placementId=20291930156&bidurl=ht...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

24ms
12ms

Script
application/javascript

2600:9000:223f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:42:03 GMT
x-amz-version-id: SJLYBA351pqECJYqjJA4.3WvprugNKiT
content-encoding: gzip
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 57704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 05 Jul 2023 19:42:00 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: VpRzEVnkCx8tqSpjN9GFEuGQWqiem-n0Q6bwxQ1TnRPnk56IjyDC-A==

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5408 91 KB
23 KB 56ms
10ms Script
application/javascript 2600:9000:223f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24869250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: zADXB8_gGCnCzf9VTyipegjTZSQLG1xDEKYg8a_vAYWEIQZzCITv4w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 77EE 43 B
216 B 555ms
180ms Image
image/gif 2600:1f13:800:7780:4e56:4440:4fc2:d335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1512463&asId=2db3e06e-c8c7-5825-14f0-37ec76d4e0e2&tv=%7Bc:hAqWiZ,pingTime:-3,time:51,type:v,im:%7BpBlk:42%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJehphA+11%7C12%7C13%7C14%7C15111%7C15112%7C1512%7C16%7C171%7C172%7C18*.1512463-71854823%7C181%7C182%7C1831%7C184,idMap:18*,rmeas:1,rend:0,renddet:na,siq:20%7D&br=c
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4e56:4440:4fc2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 77EE 43 B
216 B 551ms
179ms Image
image/gif 2600:1f13:800:7780:4e56:4440:4fc2:d335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1512463&asId=2db3e06e-c8c7-5825-14f0-37ec76d4e0e2&tv=%7Bc:hAqWj0,pingTime:-6,time:52,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJehphA+11%7C12%7C13%7C14%7C15111%7C15112%7C1512%7C16%7C171%7C172%7C18*.1512463-71854823%7C181%7C182%7C1831%7C184,idMap:18*,rmeas:1,rend:0,renddet:na,siq:20%7D&tpiLookup=ao:finanzaspy.com*&br=c
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4e56:4440:4fc2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 77EE 43 B
217 B 544ms
178ms Image
image/gif 2600:1f13:800:7780:4e56:4440:4fc2:d335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1512463&asId=2db3e06e-c8c7-5825-14f0-37ec76d4e0e2&tv=%7Bc:hAqWj8,pingTime:-2,time:60,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:415,beZ:416,mfA:418,cmA:420,inA:420,inZ:424,prA:424,prZ:430,si:435,poA:436,bl:458,poZ:458,cmZ:458,mfZ:458,loA:467,loZ:470,ltA:475,ltZ:475%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJehphA+11%7C12%7C13%7C14%7C15111%7C15112%7C1512%7C16%7C171%7C172%7C18*.1512463-71854823%7C181%7C182%7C1831%7C184,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:20,sinceFw:38,readyFired:true%7D&br=c
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4e56:4440:4fc2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 77EE 0
0 47ms
46ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmM2RdxkpMT6qkdZ6VJUTeHZhuMTgTjDDRMvF91UEeeKBM07ZqrMukgegQvfbTun92HiDwDDcDo2Fy9ZR1q8p8jEUGusicxaYculfBa09R_e6B3iZb_pNVkRu0is71MaKTUT6aGLO6gDaF2ltoXphPy_ig5y9yeHeDuYi8pZU2qDLSajd9eyNbkOVtMt8OBjGj1yGYeTKCaJFs_5IsjwltBjy8A_QlCZ3tX2nRre__VDoESph4_y8NTSK695_a4Tq-_t0mDWN4mLucM9YkC9_oqAuqabLLhDrPOsrKH7nxKoKGiWR9yTclteIZNmLNrmNbV_RisfoaDy6VRUDJ7w7iJiN22L3L3cuhV94FnD0ecy1tdQY-DaLEI-FB1_nZLCCemkJg1YGyExMsb5Bu0b6m9pcphK-6sU2nHak5iREj6lZAcJxP28O9tugpVlphk-1ggL1fCm3bbTkPCX8LUTfAGYQHeVtaC-VAKdjaX5KYszrlmnMgiFUZPHV8gxeTvYfPmXmlbP8FUhPJ4FSlxOrUYAea9w3oc4o86TM6FlDCLC6c9gq3D5JY5CmgDRZsiNO2iCXJ8-_8dHeJ-4h6QXVQ6kDmSULFypw2PErgxcaiB-p3n7eFuC-XvCzCTyKGH2dcYBvdCevAn-NJJSqL6ZH_hUJom8Dx7mDSg_VFlfAz66hXyHQkF50MeKr1Xh1SD-f1xDSJqsUP4vF8HwliG8emPegNLYLEC6ph_mX5WfHDs6KTs3xyHxx1hBIep98dGXz0_ZISwl7mft3t_P-G498PsqbysnECzhdSPriEy8_oBQ7M7GdlofgX-sQ1ALuqv2wu8Yx2_ptEX4oURKh7fKBNPQAgZHDMQuaMGspG3hPUn19l0e3QlW4Hv84hck3pQ5UI6MgSqfV-XFKERTc4tJjCzQK0RE2ySD92E8E7bfVFijD104dkbS3Zf0Y50nxl8MQqAv3-OjHeJhgZnbYeqkYMJ25ECzLRAF3HSV3MpsgGawxFf8K3fY6iE98jsi11NJjgPA4G3CSS3EKRzeb1UHY-KMisreatDnjeORcXByAevssLcfBpgaXmd6atdH_BjxxXAEknMBqjlvsYcu141bTJPjf5lz38rzXXH7gHqMgo5g0StH4wzCo6iCUc8LQ9a9uFDA1AXf421iXnALR4WH110H_a4OTJeSluxGWznfX2hREX3qP72mjV0vtmYFdEPvL4lpUFykFR-nXTXVhNC8kPJTiagM3G6z8neSVfCT86wDLvNcDTCGEyyr9-TTOMmO4IfzL0uyc-VlR40kI0F9fH8hMJsuyR8xRx&sai=AMfl-YT0BWI-7fmfaCvLyyux3jN-ILxhpCrpSGDtbbxATs1j7T5_P19oW0E24SK9ExrNH2vsosIXJ0jj4ccGhS7-N_5L7TduE-Xk_vNMEEA2ioWnbWxBzMVGKWifucZBG_M0qGu9twhKvw8HPCQReR0CxPw3UU6QY4ecvf-rtsLcvLoDNM8yewZY8H92-e-ogWo8cslGIBY8vErbriYn3lDQSiwwhiP3r7zhP65ES_QhCRcUfzi90YiWiKSjou0e3EX2POhTf2LAP9woDQ2dnSjwB7rPn1-WPI0&sig=Cg0ArKJSzLJgg51fkGx5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=294&vt=11&dtpt=220&dett=3&cstd=70&cisv=r20230628.47692&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 11:43:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66BB 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeU6A8qimZKXSI6Gf9u8P8bSPqA4AAAAAOAHgBAI&bg=!nZ6lnsrNAAb90kgr3dI7ADkAdvg8Wq2Nmuu_3jBn6x2iyOtM0482Soa1lWPu4oELG62feeoBK5fo5k4JSqDCGUTfgenMUaRxSjoCAAAAqlIAAAAIaAEHmQL62i0L5tc4Kd5axJrX4Rl3o932J2LpparNtNQqe4Cq-x2kodvxByX9GZ_ygiT0cZOk6EHMH9yTIYu9Gxk7WSQGswxrg9DvsS-ueP16MTikaJ9tGPFc5HouILa2AlOFewm5VZtbrKYttlZbwMjaMO676l-rn8Bx1C8pigxlbWWNNx27i9-FJZrwGnC1ZVkz8Ke_4rBkqDxs8lS0GmlTuuO3WCi3ZXBzmNJzELPjdA_Uq4V076cync8UcdZ_iU1iREUQ_rP1xbW9839nog_bZR2NY1oeHWSQQ8vmKLJxu63ymSRfDs9TGeHc1C1936RmJkJOP2ZF_jI2_X7EysZ53g3T9-oNwsrtd3cqQIOW0NJb70CSax0OOH2hmsF9yF1UKosb7N_hYFBZt0qihYl9_qH9W1uql6eQaO3kYSydqr_CS-fPaY1AbUOdLurSohks5Cv058dymaMb6QokqWqpFxdkwOMrH969ep37KzAORmbvQu-LJLhi4NnKYmGtRXQjeOJA53ayIVocg737SZPMzSZV8djTi8Ym4MtL3svnYc5iX82TNDqkNDEuW5-NmC4RHgdIPNNFeUM-qosItXwi2aLf1Em5SJ3tvEOkd78TZgN_k3lVfr7_T5MpZIp-vDlJqkE_Av-rqCrqfDNoUxxSCH25-zYr2zE-BED9CSdKAG14vEkE7hvB_MkD8Ez0jvwDCPAwYIu4TE_U0SwuH2AzDs8YDQKmaFXLu1rgeiGec6sM6jl87k2rut33UZ-uFFjSy4dtSqYmEcQT4Ef0ll7NDesnbTcUnxk45sOyVmc92IH-0tDRgIAPgpqssUhy92ot_NGD_YweIFbH3h6AAhO47Tyn14Dv0hEuaPvBpciEiTx6JFErhNusBQDx0cWChVr63Zr3o1U7A7d4VLrxKutdGHqG_wwxuNgi1hM8Zvud7yXbP4JM9X82noWp6LTYm294cQhp85YsXvWP1BMFAxm9B3wHAnaDAqFgPwiCVWfXIB5fDzyXb3M7_N8LccJX

Requested by

Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 754641726314761 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 132ms
132ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/754641726314761?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4199590c6be3bad05bcff6a38af17d13caa23d300bbb2110619a29255b78b0a1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: MXtHgPGYh440E1uHA1lM+SCkLWQG1GAj4YJotA2bveDOLpZ7Sz43Hb/c9OnErbT4T1+d2CNPxLEkmLKXUwPuNg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 77EE 0
26 B 61ms
46ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCoxpEUsAi1fCMkMUuM_YDgtchD_XMoXJ9EYiz79HhpEt7_feCmTVTZhkJ7w_ze16SAroreN4fUV09hQzgxM4zfrZSNpG29Ym8OSo8t_AxvFyssawtikGpe8Jlt1HLGfplUCrh_TUrU3PenwlEjPc0T0fNTM4d-MsjPfUmfsw13qkVex5XLfuXLzKFAaPh7BjFsZlX7oN66KboUxtvYnA&sai=AMfl-YREsPQ39qwiR2ax-XE4fQOqkokD5lmCN0d598guZJFxwvFafG-QPCZEbaybPtToLicNC238rU5zhAxD0Rq4k34q1uA4_Fgmbla6t6jbnIElwCeASneM9DmDlb_gvQu_LXIQucc7QuA-x3ly7unOXhm_jg&sig=Cg0ArKJSzK2PKs2lsIpHEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_300x250.js Show response
static.adsafeprotected.com/ Frame 93AC 3 KB
2 KB 6ms
6ms Script
application/javascript 2600:9000:223f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x250.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding: gzip
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
date: Wed, 05 Jul 2023 13:39:44 GMT
x-amz-cf-pop: FRA56-P5
age: 79443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"44f0ac540dc9c11f94344414c879b658"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Ft8TC-GgQsFTD4WOjrvK2MGt3qipM6fo_--gz6vTrkZRhFqQqMeW5A==

GET
H2 200 IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 93AC 14 KB
14 KB 7ms
6ms Image
image/png 2600:9000:223f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date: Tue, 04 Jul 2023 17:03:12 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 436752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14233
last-modified: Fri, 18 Feb 2022 23:28:59 GMT
server: AmazonS3
etag: "65a8b98b798ce416d94c2847aca40c71"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 9x5NL6Q2TGI79NskA3LIv77dgh8WmHUpfGRWhq26ObXR6R0HnthNdA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 77EE 43 B
216 B 454ms
179ms Image
image/gif 2600:1f13:800:7780:4e56:4440:4fc2:d335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1512463&asId=2db3e06e-c8c7-5825-14f0-37ec76d4e0e2&tv=%7Bc:hAqWkB,time:151,type:e,im:%7BpWait:7,pci:%7Btdr:81%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B145~0%5D,as:%5B145~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJehphA+11%7C12%7C13%7C14%7C15111%7C15112%7C1512%7C16%7C171%7C172%7C18*.1512463-71854823%7C181%7C182%7C1831%7C184,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:114%7D&br=c
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4e56:4440:4fc2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 625768818909499 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 130ms
130ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/625768818909499?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

842366650a8484aceebed279c4bfacc1f4a53c4ae848ba7710fd3c54f0c17b17

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: l/0ub7B/5DZu03Ibrhlfp8MX8MB4YUmTduLvXRofzSpeoi2GAnCRQpPiQ4jFXQrQEtgS9imioEsSctjV6by67Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 77EE 43 B
216 B 200ms
180ms Image
image/gif 2600:1f13:800:7780:4e56:4440:4fc2:d335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1512463&asId=2db3e06e-c8c7-5825-14f0-37ec76d4e0e2&tv=%7Bc:hAqWoG,pingTime:-10,time:404,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688643827249%7C%7C498d43168149d41fbf75f385100272fa%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cb4b76b61b45c3ad044896ba8fb30b954%7C%7C0defd29e89041ef0925a62386effc099%7C%7C0f584c975b836b80ade6fdd6a5e94d68%7C%7Cc8e94b537b3f30439ddc2ec21e240602%7C%7C9e94ee7b8ece9e09e2d0616a0f0dc6cd%7C%7C1663701684%7D
Requested by: Host: b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
URL: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4e56:4440:4fc2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 113161785062262 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 128ms
128ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/113161785062262?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b938f41310e076a274aa93b1a274d92cfd3f81d3ee2b3913e3ae7ca45641203

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: NNCe0LPjkpVHa2AF51xm8yMQRGPAaljjdBpSnFObKaBpNjkRXNRw1GkjiTQqX9EbbpemP0Z88z5/bItharF/Vg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4681 42 B
175 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMGLn5tMfhD1Y_kDFXm07cs8LUPgs8HFFI1QFYgut_GPGPUBsK-fItJ7s5bWxA_mj0dv2Cj6aAq0mAuvosOYNi5PmMFXb7fEGlDpJnlSgvDv-hj8cjzH4SDQHD8xa1ReUbRWcjhrXqtCEf&sai=AMfl-YTEabFtlkxr8l5IL9Ip46zMkfrXjTD5sHDpFs6hmLjjxX9B5sWEuMCkyt_wFjUwJdC3vhShVf1qMV3uKVudDNFQuom9MeYMjFw&sig=Cg0ArKJSzOgpt9M_DuCtEAE&cid=CAQSKQBygQiDzy6M_QoZseK_HLkK1HKCfT-Gtm1AopggpT9ACaxZ68K-lDTJGAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=192,835,1000,1000,1000&tos=192,643,165,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688643825783&rpt=483&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 721321139688191 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 139ms
138ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/721321139688191?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68f6a5b9778dd186104495cdb8a4973f5ed1f47887d1479f8d587ac0547ba9db

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: G/aLuhIUZxvNJwt7qeJ6xb9bW+WRZzvPBG3ZXQlG6rnSZd626dtpVHRTCcrZWDWQgfDTseyz+gpKo0YdWZcx1Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 30ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1331296934088577&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827417&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 39ms
16ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=945416829912562&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827418&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 39ms
17ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=981122423314429&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827418&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
18ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=636091274641533&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827419&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
18ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=603827755051214&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827420&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
18ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790534505586497&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827420&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 17ms
13ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=185299934360235&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827421&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 17ms
14ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=155336737200353&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827421&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 18ms
15ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=761765835504492&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827422&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 18ms
15ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1924582474564165&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827422&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
16ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9038410082867569&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827423&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&cs_est=true&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
16ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1525308264668141&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827424&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
16ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=754641726314761&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827424&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
17ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625768818909499&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827425&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
17ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=113161785062262&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827425&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
19ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1331296934088577&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827426&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=945416829912562&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827426&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=981122423314429&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827427&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=636091274641533&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827427&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=603827755051214&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827428&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790534505586497&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827428&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 112ms
109ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=185299934360235&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827429&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=155336737200353&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827429&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 111ms
108ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=761765835504492&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827430&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1924582474564165&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827430&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9038410082867569&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827431&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1525308264668141&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827431&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 200ms
197ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=754641726314761&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827431&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
24ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625768818909499&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827432&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
24ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=113161785062262&ev=ViewContent&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827432&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 77EE 43 B
216 B 179ms
178ms Image
image/gif 2600:1f13:800:7780:4e56:4440:4fc2:d335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1512463&asId=2db3e06e-c8c7-5825-14f0-37ec76d4e0e2&tv=%7Bc:hAqWsM,time:658,type:e,im:%7BpLoad:609%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:658,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B653~0%5D,as:%5B653~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:558,fm:tJehphA+11%7C12%7C13%7C14%7C15111%7C15112%7C1512%7C16%7C171%7C172%7C18*.1512463-71854823%7C181%7C182%7C1831%7C184,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:114%7D&br=c
Requested by: Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4e56:4440:4fc2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=721321139688191&ev=PageView&dl=https%3A%2F%2Ffinanzaspy.com%2Fe-caixa-tem-app-melhor%2F%3Futm_source%3Dactive%26utm_medium%3Demail%26utm_campaign%3D3_active_email_5362&rl=&if=false&ts=1688643827595&cd[page_title]=e-caixa-tem-app-melhor&cd[post_type]=page&cd[post_id]=2392&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=finanzaspy.com%2Fe-caixa-tem-app-melhor%2F&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688643824497.4482921852&it=1688643824391&coo=false&eid=LuDZFxonkXjOZTOv9TeN8X7fakJElKEBbDHM&rqm=GET

Requested by

Host: finanzaspy.com
URL: https://finanzaspy.com/e-caixa-tem-app-melhor/?utm_source=active&utm_medium=email&utm_campaign=3_active_email_5362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:43:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.1/ 20 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 05:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6586
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 05:06:23 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.3.1/ 35 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-analytics.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10746
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 01:51:05 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.3.1/ 173 KB
56 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-auth.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 23:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56866
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 23:36:02 GMT

GET
H2 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/8.3.1/ 320 KB
89 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-firestore.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90517
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 18:36:36 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.1/ 40 KB
11 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-messaging.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10884
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:56 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 15:12:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd9d1271aaeb3758a3871b4a8995827d672bf27eb8c9bab5bd0931e05936c481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11848
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77EE 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsserz2KFBJfdNRsrs-LCCqTk_lj6HLQEA5kajexrR1aUWtB9Gwbj5p9_Z4h1Ztw6CEtah9ovyeUM9Nvu09vFzTYx0M5KutKnUV6WrPsOWYjCD--3fDmE-FJe2BNPP17Lh6PqQKCZer4Ql8W&sai=AMfl-YS0InW5zWQOXbFR6wMGDyW5A_er5WhA9V0tsS3w7YaBCPiIEAs6XMFaIk-9Qi-qgVYnmCSBsH-llapc6pGZDQxX71P-1SyBsgPrGip9sHi7sQf8td5QnBMkD-N5&sig=Cg0ArKJSzGv4xPDdXTb_EAE&cid=CAQSPABygQiDM9Rv0EVvdbJXB3Wg4gh_rWcqgTssx9IR01eclIrQXBfY0SNfXWsvVHq38f9-UHVKngX_MKpKaBgB&id=lidar2&mcvt=1000&p=1057,240,1307,540&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=0.57&if=1&vu=1&app=0&itpl=20&adk=1925420202&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688643826431&rpt=244&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 11:43:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 316C 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:32:12 GMT
expires: Fri, 05 Jul 2024 11:32:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 659D 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aab1365ad6a90d951b0fdb5241dfd4db0e19d68fa7728005888592f275e827f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p-LzvhUrD4qYlIeGq4ZOhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-p-LzvhUrD4qYlIeGq4ZOhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
expires: Thu, 06 Jul 2023 11:43:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 316C 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:46:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 659D 0
0 41ms
40ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=3537348392657576&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 316C 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?egkVoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A920 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3DD8 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7C90 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9F00 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0DD9 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 46BD 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 588C 0
15 B 8ms
6ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EFE1 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AB84 0
15 B 8ms
6ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7EC3 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8FED 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5A54 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C083 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9B36 0
15 B 9ms
6ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C1BB 0
15 B 9ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:47 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 004A 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://finanzaspy.com
Referer: https://finanzaspy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://finanzaspy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:43:48 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=3537348392657576&bg=!sbKlsubNAAb90kgr3dI7ADkAdvg8WoJFsOzqnkM3-UnJOBgaFd8723Zlg2EIedvdqcoM3WbiqAu7p5AZq1x4Vk84We_uPEvbXysCAAAAPlIAAAAGaAEHCgA3WQsxrZELQ4wQfyngm4ZRt-MOURgsTkevHAixlsAz0C_F4S7JX9ddL6f5VhES06Yclc_3nqpk7JkCsReV0lX8l5goCHFRub1J1VmoN9yTpuhIX7gfIj32s01W1R8cekgoBfDaO9obx0VRHaJSRD1-HSpkZgIMIJ4NYs8a796L8VIqwjj0iPR9b_rPVoReqbreIJp0e74M-SWhkOBT-ocN_00jF5a6Q933AWotZGwJ17XefQwruZeua7oxDgDTDxk0aFxeBn4KfO2qs_ka-MVa6ovB0-NMg9xS0tdjJApT0YH1F1l9EgNEpkXt9KQn5m67ZqyuwBXaUJHwtLTfAfdoDlYVZFG-_V-C84pN1Otdm-l6L6EPGNmKBtP6uUfXtFeQyHFK-251t77sPStlL2Comk0exxA56-uwr8MLuO7yHuQ-259LSRqQnFXNhff1Ydz4UJ3jtLpJZxblaRR2FNS7Fp027bBhXEf2bCE6uAuJ5t5k9MEA1ToSvf10_RkX0WcFXPA0QXo3xOjFp5h_psL3WB0RnjBx_ylBl3N5-TeMFZw6CTbwt7d-eody33ceuy2NGUl4hamOitYiJjoDmSK5s944opk8VvfXXvmtTkboc3evQb1QVKUHafSrWN_OSbNCgtBLyWDrRzgWlxGIR29SqPQqE9PRsXn4gF2u59yqMdsc5GizD1RH0g0TgeQgMJv5DOfxEjaIhF2CC65VGyqiC5KJkwBvMczzqeom68xVGO6SNMJepD1QnFcV8EJZkJX2nJM_ITmb_5FBzcVC2uAVVVHLmjVxTMRVE-XxfiDv0Y-qLp87uvsLmHlBVrvRynOdgMXnYdFLCRoL15vW1G7sB76oqTzXWnJKX-GeCoynvYTfDtP65jromddX6GDmrYpajrCn2Hri_oIA8ONG9Lz52GMHZ2Eka2dfjv5qdKT_6vite7oB6gS7f0OoPQtcfKVniOkosMl8PPA9wPYcuOnOiiuv9XurHDDwE-DW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77EE 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=18891927276&version=m202301230201&ct=76&x=1&cor=7986416437829660000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:43:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script-push.js Show response
script.joinads.me/ 1 KB
1 KB 697ms
694ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/script-push.js
Requested by: Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eff2c182533ade698b32899eb0da7aa7f6c49b3058928c249991c91f719cb58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzaspy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:43:50 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 01 Apr 2021 12:59:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6065c3b9-5bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZk38p26pt%2F%2FF6iWpcdCMVUpfqa7iFXMKhxp5hDg3bFeEPG5qS8f8so35iDo8cvXpkEz9HvbaBOFi25ahby9fj0Iy9LxOJmmsLCmsfwihTazVa7JH6A0RFhSUaNiTHM8%2BP9vfySBFiD1UUrztQeayA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7e27979f7fd72be0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 11:43:50 GMT

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finanzaspy.com/	1970-01-20 15:13:39	Name: _gcl_au Value: 1.1.571045654.1688643824
.finanzaspy.com/	1970-01-20 22:40:03	Name: _ga_K8SJGQ54N2 Value: GS1.1.1688643824.1.0.1688643824.0.0.0
.doubleclick.net/	1970-01-20 22:25:39	Name: IDE Value: AHWqTUmaYyMNFb9d71dUb6C2czAnHtcgkyCfphzlGDtfBIvC6m_ihGZYYxh70nk2
finanzaspy.com/	1970-01-20 13:14:08	Name: _fbp Value: fb.1.1688643824497.4482921852
.criteo.com/	1970-01-20 22:25:39	Name: uid Value: 71eabf53-ac2b-41ca-9995-b7bff8dd153f
.finanzaspy.com/	1970-01-20 13:05:30	Name: _gid Value: GA1.2.328157756.1688643825
.finanzaspy.com/	1970-01-20 13:04:03	Name: _gat_gtag_UA_201994943_7 Value: 1
.finanzaspy.com/	1970-01-20 22:40:03	Name: _ga_3YZ7QXRM3P Value: GS1.1.1688643824.1.0.1688643824.0.0.0
.finanzaspy.com/	1970-01-20 22:40:03	Name: _ga Value: GA1.1.380639831.1688643824
.openx.net/	1970-01-20 21:49:39	Name: i Value: f5021fc3-ef57-4eaa-90d6-2279a9e6c749\|1688643824
.finanzaspy.com/	1970-01-20 22:25:39	Name: cto_bundle Value: xpN1Jl9hUDN1eWExc29hcUtvZmk5OWE4blhIWlJBZW1rdmk2MWFsMEVFb0FWOXNiOERUUDVzazU2MGpxakYyOEZWSk4lMkZETnBZdDNhcHBWb0hncDhmSVhQRXNieTExJTJGWGt0NU9YeTVyOGNNc1RlSndnWllCZG9zUHhrcHRCJTJGTU1nRkVpd0FjcjdhZ2MwJTJGcGMyUjQlMkJkUlQ3Z01RJTNEJTNE
.adnxs.com/	1970-01-20 15:13:39	Name: uuid2 Value: 1209381850280469308
.mathtag.com/	1970-01-20 13:47:15	Name: mt_mop Value: 4:1688643825
.yahoo.com/	1970-01-20 21:50:01	Name: A3 Value: d=AQABBPCopmQCEHC-MR8dh1xAEEE4RhuvBh8FEgEBAQH6p2SwZAAAAAAA_eMAAA&S=AQAAAmLl3VQfcCrc-9_2tTW94gU
.awin1.com/	1970-01-20 13:06:56	Name: awpv14702 Value: 412871\|1688643825\|5d1580f1-1bf2-11ee-909a-2265c0ea454e
.awin1.com/	1970-01-20 13:06:56	Name: awpv20044 Value: 412871\|1688643825\|5d172ea1-1bf2-11ee-9c19-223148ce0464
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.finanzaspy.com/	1970-01-20 22:25:39	Name: __gads Value: ID=9f27c19451158146:T=1688643824:RT=1688643824:S=ALNI_MYIJ3CMXFJDDweGJBwYO3xd-c9LOA
.finanzaspy.com/	1970-01-20 22:25:39	Name: __gpi Value: UID=00000c639b96a497:T=1688643824:RT=1688643824:S=ALNI_MbAlGaDb67ey8uDw5R2ecoACt81uA
.adfarm1.adition.com/	1970-01-20 15:13:39	Name: UserID1 Value: 7252670007262640270
.quantserve.com/	1970-01-20 15:13:39	Name: d Value: EAIBCQGzKYEA
.quantserve.com/	1970-01-20 22:34:18	Name: mc Value: 64a6a8f2-04fdf-c39c8-c19d6
.w55c.net/	1970-01-20 22:35:44	Name: wfivefivec Value: 6pitxpND1QhnoK5
.de17a.com/	1970-01-20 21:42:27	Name: guid Value: 1.1358872742402810281
.tribalfusion.com/	1970-01-20 15:13:39	Name: ANON_ID Value: amntuJy4ZawFBA9MAJT7a3uffQKrrvwUY9nCW9oBFgZbiZbrZctFuN8WrDq0towsxxUn2RnHmD3W9Q09Mikt9TJPDQ92
.w55c.net/	1970-01-20 13:47:15	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-20 15:13:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilascc[%!]tbPl1M>e)ZlrFUfJ+tGXxoHLv<]Fb7JnsAf8/$S5$`*Sa=HFYZRih_c1rl3If)y3KL9D3I?+RovhaS
.casalemedia.com/	1970-01-20 21:49:39	Name: CMID Value: ZKao8p-ctnlOQB7yMOCAywAA
.casalemedia.com/	1970-01-20 15:13:39	Name: CMPS Value: 5204
.casalemedia.com/	1970-01-20 15:13:39	Name: CMPRO Value: 5204
.blismedia.com/	1970-01-20 21:49:43	Name: b Value: 64A6A8F210DDCB535BFB5584BLIS
.turn.com/	1970-01-20 17:23:15	Name: uid Value: 8177277184894865079
.finanzaspy.com/	1970-01-20 15:13:39	Name: _fbp Value: fb.1.1688643824497.4482921852

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hbzavxszxxvbxttfs4320evkt2z9nytjg2j3p5g7jq84twk3knyc7538cmwebwqwqcn8061sg4cg5md7zna0tgmb8kg4zjtrcz0wyyg284rae3hmacp22eap6s6cx044atxbm3f4r1b1605y9r7zdn2bk0yczdsm4g2c0bm1phgxxwtzxpec5fcm2wr2j0w7481tkcd25890jv9erreny681drwm3jt8czhv67sv192ajzxct5gw42qs8svpah7kj14e2a5p5g2q9svgfqvfns5bfcm48j6arkm3dyj1qs5bf217s3xyhaq321sxjmn0je9v6k8dxfv1mjw35479321fpp09e576tptgv7xetwtrgjyctqwtpfwtxqq0gn04rp858tmrar7vf3526dxnx3gm9ztj29qwmmjctw5e87r613b254c9cnr31r0xsqxzwcmvxr2em9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%26client%3Dca-pub-4894209870857905%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=22cefa9c92ae77da7e3e87435cd7c28e%2F3726556781543493662&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688643825094&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnkq3vgyj1g4q27qhbfaf6hfj34c6q2f2jqw3czapajdhsev4fsztbeagyrdrfk988tqmb3v2cxt9bvwgqh7gr4r3wtqw6yg7yy8x7qtpk2b37zrs99nkjjhtm1fay283t4bbca4zfws5x48ne85qfc5wse5ps39sr2xxygch64qsjrxys8j7e0gdzptgkfv298gc34b1t6n879wnw1y6p35cwczk268qga4y0qg2xrpznnp545k2w9zx968jsnpt33d0qt58xc1yk262m5ntvmf4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwvki8KimZLeFIJK81gbgr5PIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4OTQyMDk4NzA4NTc5MDXIAQmpAkz3zoOgN7I-4AIAqAMBqgSjAk_Qe4qJbqtBCWrey87IZ9gaIXobGW8l74vb_YvK-xbgTuGi_hraHPaY8FDeeNDh5Foqr78lJTj_txom9GlH-VlXj5TAB6ou30d5y84ufu1jm3OQH8p-Xyi6jm0fHnIsjWMXThFf9ubw7fF2deOp8ugJ2Iggfo40BDe_MN99s55fEqeoyk9LCgtbv6lfJJKSEEUppP0d3gi_lbMyy2VmkjOJ5Gy9HsTb45JZ2gs--2V4WkNxhbodO6AUgG2DUXiy-OniNI95fsbmFx7JnmufOAdk2sYwWPAOz9m81imeXkTepOtDDUR4vQGzNlALkl46aJ-ECrF-lKrs-hQo8H3TK0hI1POF9c50pTY211RhrH6QK6nwpspFCN1y1TK2crXdGGad7uAEAYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Vb69ptDZRPJHDuNpI-Z8yyqgJ3g%2526client%253Dca-pub-4894209870857905%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network	error	URL: https://s0.2mdn.net/sadbundle/14668211440419877954/images/legal.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-9060780421721333&fa=1&ifi=5&uci=a!5&btvi=1&xpc=fxA2MQEaOt&p=https%3A//finanzaspy.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ad4m.at
adservice.google.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
b5c06c1a04bfaededd68f9c020760aec.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
finanzaspy.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
receitasninja.lt.acemlna.com
region1.google-analytics.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.joinads.me
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.64.118.247
104.75.89.75
13.40.20.169
13.41.28.186
142.250.181.226
142.250.184.194
142.250.186.130
15.197.193.217
162.19.138.118
178.250.7.11
178.250.7.13
18.66.147.98
185.29.132.241
185.80.39.216
185.86.139.101
185.89.210.101
185.89.211.132
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.185
2600:1f13:800:7780:4e56:4440:4fc2:d335
2600:9000:2057:1800:1b:5138:8a40:93a1
2600:9000:223f:a000:8:48e:53c0:93a1
2600:9000:2250:fe00:a:e047:753:be1
2606:4700:10::6816:3456
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::485
2a05:d018:d29:3605:c958:4a7f:3095:994e
2a06:98c1:3121::3
3.122.44.22
3.222.19.112
3.71.149.231
34.102.146.192
34.120.135.53
34.240.84.191
34.96.105.8
34.98.64.218
51.89.9.253
85.114.159.118
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
058cc154d7702c10427494703ef9d765ce280b626ff56ec35b558d5406faccf7
063c913b0fa5cc93ef434215316d4473aa2e026295f03e9cac687186252ef751
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0891c4cc4b171b71a2f2ad24149aab060acec53cada13b72c03f02c9ae4cf904
08a6b14f3a16d37496558d2ac246e0be9d0239301fb0c5bb67b84e443f6d2f34
0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e59dd6466f840e49e6b2bd3c030eae6f3f78b3e141e5e66dad181c7e3c73b3a
1144ee4f1fdb6eb024f4c7e202260749ac14116c02c3ec392a33b76d99874214
1219b7d1b547b244a6fa261b2cd5fbdea7bd55095efadb2560a400828f1b45ae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16b8520a83989773d55c2b4a4d708f5e3c10e2e2ce5423702c0aaa84fa30e8c0
180840af133e943cda493f147848edc4238a28ecbe86461a49b68e4f535776f5
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1923762c9fdd239bcdbc215d5e3ec390e7c15ed44cb145a88d9e2a6d1803a584
19bdcc42d8493c4c89fff6e24832b553a87e170b38d2564c823efb5dd931748a
1bc483bd3424c7eac0ffbfa3dd95cd7b60fc125b50ae24e17ede52dea471c97f
1c180ab61aaca37d9820754e36a1f22a65c7c1db0763b3d04650393985ca229c
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1fa18b1ec5d3e9b4c089118323819e51e6674e4756fbcd1de4e86ef58a3dba31
20bed5a478617a324d3e618e018279c565790a2f321056fdf1e6d09e89ba41d3
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
24629d426a75ea1c7d5ca2d5cf6337e29cea83899ba3e65b8f35a29637fc12d7
2544474f9ccba4ce5f26230fea52abf96e3129f3a897daa9fd22a4d356658ad3
2637add90e2a39ddd207c014a172fa99e2281bc4010bf92de258a67194e0ed3e
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30356530efa4f20e42a4863a7401d4e4227662838f2e6bdba2e437df8c9d9392
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cd5d50341d4bed6b84a9a6112ad1bbc33f0f78f07c3e46df8e78c3a3b64906
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3349c61435c2c57938f47f0b58872045c669a21502920a98b2307a4464465fa6
33d3970ff8bc037453b42c2b9de20593a8b1d8eab9ec2fcd020306fb48b2fd73
363f06249088d396fed5a0a40a8a770f01d2d01ad374975e8fa71e1d8bdfd168
36959a9ee8744a0bfca75876588188c1bd4c509a6fe8a498c1c374ee7f8dd519
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d51baad8d70a6016a099cce8e4e88421c281d68a234e1d17948cf085bc97438
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
4199590c6be3bad05bcff6a38af17d13caa23d300bbb2110619a29255b78b0a1
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4442f88e2b9a921e326f0ec87b26ece4c3c7df31398ad91a349fb6d28b21498b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46baa2a6f37fa5c72a78c3f0db33d5a626985b4f9ce5fb1d5ba9bd8360c1b307
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b938f41310e076a274aa93b1a274d92cfd3f81d3ee2b3913e3ae7ca45641203
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd17428544db19e8b2ff3951b612f09217a5ef45329586d97c510c6913ad3d2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5833a23ba091e6150b5dfdbbc292453c336955e9ddfe2eb8fa8a942683015de4
58d5a45eb780fdd73d68a83e8aabc369d76251bd9e9778f559e0948a073c2842
595b53d5c9061d22b8d7932474390a22e0d60513dc510cfa65d640de08e2c0f8
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5e6fc09a692b7e619b106aa886d76f19cfb92af7921b68f3f780b51450421277
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
618d939f77784674bcf1f125a3650ae878e562c06a6626db9e2f88b3f62a9084
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64336e9f87d1846b9228a8ccf271c753c2d085106f05967d4af560b82868fe59
65ae76bf94c8e61546b7cf9565f3aebe238d3f70e26b73776c119862fc99320f
65de491a93d7e43d2064d6e5c31282821c1b4192d7ae1dff475c23eb0648cb2e
67e1dcbe0ff21e8ff9de35bcce5f4c69a517064154e83e0f1b8c582344d71478
68f6a5b9778dd186104495cdb8a4973f5ed1f47887d1479f8d587ac0547ba9db
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3ef6781941112897babde32f4404dab54f8a1e216d2e705f74483f6b15449d
70758ae845a438582f3f172eb663b5ecbc5e21fb5ee5e1870d3c46cb9b31db91
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
77fb2955f4bea1a1bb885c85e8731bf239fe47d75019454a4750c7d54c99f295
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7d6256c00ec47909aed0ff141dc3ade34b82dc1eaa57922edaa443409d0f768a
7eff2c182533ade698b32899eb0da7aa7f6c49b3058928c249991c91f719cb58
842366650a8484aceebed279c4bfacc1f4a53c4ae848ba7710fd3c54f0c17b17
843d014cccdff92607c56b9e6518619a50b7e2d78b255f7fa4ce22a5f2c6ecde
846d9bbc4820cb0e03ba84a0ea37f55815059db954763b55d8bc862483adcb04
84707ce073612ad493a5c23bd5b5fedc2949d22336382ed550a1f7deb86e4872
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
881a778b66dedc572a672bd8f58974ae13ab129d3647777e192983afa273eaa0
88c6a863babcb62506b2b5e9470a77342fa1c3089109b3b7308b3a620edb3c2f
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8b20da4706959ccea99f18f20389f9ba18e6f08039972782c71d68b73ff13e0a
8cfe208b19f5d55fee3d55631889bf8257b0e8dd9bf74d6f6e589922e991ab81
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f98ffcff25b63f951b4b953529363c60ff41c8f050aa79d3b91decc2c6fc4bf
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92acef203b18ea8d16f39ad1387ff524243435e7ac4d8aef0985bfba467ab76b
96709a5a10bdb0093ac9d15ba2669f29cfed584e385fb83520288c635074df9b
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
987b2e5ba1d940ccf76e74235a3339ce993b29a81c7a67599157c3a5640be710
988be2b727eb388bf5232cd03f2bcb4a2b53950480e286e022a999ad9a4eba24
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a59803efc1fcb6f62bd359a5eec2c57eeabcb331ca728fc6e9fb644cc5ef43e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02a9b5dfde0a35493a2550fd1c1f71cb481f29ea53f4ee1a22e336d093aba29
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5d7f3a6fb8c6dfd3190f9f20d57a30e3768b19ef57930fc5c9d1b1e45f0a543
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71bdfba456d6c08aefad89629b3cd7477aa1557f774ee465f0762f8511647a6
a767d23f46f777c0d284f2b4da7b7328c26b7780858fc55d1f621289f7df016d
aab1365ad6a90d951b0fdb5241dfd4db0e19d68fa7728005888592f275e827f1
ab43203ab1381240c7e3ed3d2df11ab5231a141265a1cff1d1ad600be194e1dd
ab80d6b71e4c1dd606a2a2543a7c5c3016a3c483f24adecf50b47b2a7b1959d6
abaad11a1d286a370dfe9b18c5a66056db439291e52a6d67cd3ce8caca4956c8
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acaca852a0596d74e66800358e4de1329b18fbd68eebc10850598760214a35a5
adc89f4602504183c5b29d26d5cfe8bc20a40f4a661c815e9d99d4ddd7318a53
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02f1488cd7ed5e748c3580e56482d11e8409d389263ac1b12c0496d34cb1556
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ed4320a1f62c3c7b025cb71a29ab89c67bdcca4b9dfdeeeb95a88f6eafff38
b4fd05d23aa381aa84d3fdaa3dd74ffebd91fc2befa8bdd903d14871aae0aba3
b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2
b98ada9c8f7a6d9ebd16a16bc152408e90ca22c886b341f120507cc959672fcf
ba17f68d06d3e8eff6b73022cc07ba20e5d9029203f38f7835bcbbf2588f50ba
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bdd16aa6594e3da7c2d8f9ea1e99c8f25283dbcf0eb45b155f8bc9d960432d5f
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c23a922318e559e2e157d98b61f3cec9f46d007dd96d6bbe1d2cda38506f8ebe
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c7e9892e66464b9c939f81878a76b28761697e4a9b9252ce7c43fedcb95c94e6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca113179b840010e99d9c2381ca8b865ad7b5f018d3493de6b46aaf539a53985
ca2e20678f4417838ba405511d54e5b1c057bc0a6737ae32758549f2ca1d16b2
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2
d085ce793c6438ed3f03525e9794865b77eec6c92e77c14c2d8aa0c9d0c97c55
d1f01a3a3a5c26a544345f91cb176e8791b645473b83448490aa2158b97c0072
d48d34fb78c6bedd5032227f7c807209f45551a8649bd8f729350ca12f6ea2bb
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b
d9d48b70504d7b2cd6bf17b8b46f968c7041dee8b4d9c00c729fe8077a4cee60
dadccb24cb539383924eddfd48475bc99c3353e7874367da0629803d2405938c
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3094df668475dbed6848e14f37580e1c7eb03348062fc8087e4fc7233610d7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64d7a39b7943a79300d1387808fbeca64ea5f0876f673f62506fc520308a34c
e65916f9a5c70cdb24ccd28a538a48afb387063bb1f89a69492b7170aa5e1285
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eaf7ad34258281cbd55c6646bdec20b2b97d91c8dd956db5fe3877bfbe441e49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f79edb64baa11fa94dfdf305e744c7802757eb6b14aab61aaf47510872b40f03
f920c7edaf3b1f00d7b5fdbbd4823adfb3c7823954867a0b119d04270394238d
fb76b54e06d5b54e6284c8877432ff85673f8aebbde9cd69d5311d602275d072
fd9d1271aaeb3758a3871b4a8995827d672bf27eb8c9bab5bd0931e05936c481

finanzaspy.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

307 Requests

93 %HTTPS

55 %IPv6

47 Domains

69 Subdomains

57 IPs

8 Countries

5059 kBTransfer

14646 kBSize

33 Cookies

0 Outgoing links

Page URL History

Redirected requests

307 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

finanzaspy.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

307
Requests

93 %
HTTPS

55 %
IPv6

47
Domains

69
Subdomains

57
IPs

8
Countries

5059 kB
Transfer

14646 kB
Size

33
Cookies

307 HTTP transactions
6 data transactions