smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smailes.com.br/
Effective URL:
http://smiles.iclou.com.br/
Submission Tags: falconsandbox
Submission: On February 20 via api (February 20th 2023, 10:55:16 pm UTC) from US — Scanned from DE

Summary HTTP 176 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 31 domains to perform 176 HTTP transactions. The main IP is 5.161.90.154, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is smiles.iclou.com.br.

This is the only time smiles.iclou.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	5.161.90.154 5.161.90.154	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	13.58.124.244 13.58.124.244	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::6815:5f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3 39	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	() ()
1	2a00:1450:400... 2a00:1450:400d:80e::200e	() ()
1	2a00:1450:400... 2a00:1450:400d:803::200e	() ()
3	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
1 1	151.101.130.49 151.101.130.49	() ()
2 18	142.250.181.226 142.250.181.226	() ()
2 2	35.186.193.173 35.186.193.173	() ()
3 3	35.156.135.89 35.156.135.89	() ()
2 2	54.77.141.150 54.77.141.150	() ()
2 2	216.52.2.48 216.52.2.48	() ()
3 3	213.19.147.45 213.19.147.45	() ()
2 2	76.223.111.18 76.223.111.18	() ()
1 2	2606:4700::68... 2606:4700::6812:18ad	() ()
1	34.96.105.8 34.96.105.8	() ()
2 2	185.64.190.78 185.64.190.78	() ()
3 3	18.156.0.31 18.156.0.31	() ()
2 4	51.89.9.251 51.89.9.251	() ()
2 2	52.58.18.234 52.58.18.234	() ()
2 2	37.157.4.39 37.157.4.39	() ()
2 2	37.252.171.21 37.252.171.21	() ()
176	25

6 5.161.90.154 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.154.90.161.5.clients.your-server.de

smailes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smiles.iclou.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.124.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-124-244.us-east-2.compute.amazonaws.com

contatonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:5f5f (United States)

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (None, )

ASN- ()

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200e (None, )

ASN- ()

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200e (None, )

ASN- ()

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:20::2040 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.181.226 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (None, ) 2 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.135.89 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.141.150 (None, ) 2 redirects

ASN- ()

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (None, ) 2 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (None, )

ASN- ()

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (None, ) 3 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.251 (None, ) 2 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.18.234 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	529 KB
38	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net	253 KB
25	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	376 KB
16	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 2697 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 424	171 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	6 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	335 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 9006	1 KB
5	iclou.com.br smiles.iclou.com.br	61 KB
4	onetag-sys.com 2 redirects onetag-sys.com	983 B
3	yahoo.com 3 redirects ups.analytics.yahoo.com	1009 B
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	dotomi.com dclk-match.dotomi.com	310 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	49 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	3lift.com 2 redirects eb2.3lift.com	960 B
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	scoota.co 2 redirects r.scoota.co	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com	1 KB
2	redirecionador.info redirecionador.info	3 KB
1	blismedia.com tr.blismedia.com	174 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	577 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	543 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	603 B
1	contatonline.com contatonline.com	367 B
1	smailes.com.br 1 redirects smailes.com.br	236 B
0	travelaudience.com Failed ads.travelaudience.com Failed
176	31

	Domain	Requested by
39	tpc.googlesyndication.com	3 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net smiles.iclou.com.br
19	pagead2.googlesyndication.com	smiles.iclou.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	cm.g.doubleclick.net	2 redirects smiles.iclou.com.br googleads.g.doubleclick.net
11	www.gstatic.com	googleads.g.doubleclick.net
10	fonts.gstatic.com	fonts.googleapis.com
8	www.google.com	2 redirects cse.google.com smiles.iclou.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
8	fonts.googleapis.com	smiles.iclou.com.br googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	smiles.iclou.com.br	smiles.iclou.com.br
4	onetag-sys.com	2 redirects smiles.iclou.com.br
3	ups.analytics.yahoo.com	3 redirects
3	x.bidswitch.net	3 redirects
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
3	cdn.jsdelivr.net	smiles.iclou.com.br
2	secure.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	r.scoota.co	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	cse.google.com	smiles.iclou.com.br www.google.com
2	redirecionador.info	smiles.iclou.com.br redirecionador.info
1	tr.blismedia.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	smiles.iclou.com.br
1	a.tribalfusion.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	clients1.google.com	smiles.iclou.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	contatonline.com
1	smailes.com.br	1 redirects
0	ads.travelaudience.com Failed	googleads.g.doubleclick.net
176	41

This site contains links to these domains. Also see Links.

Domain
smiles

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh

This page contains 24 frames:

Primary Page: http://smiles.iclou.com.br/
Frame ID: 1EDE73EBB22F8615557B0A6CCAE72ED4
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: 43E57A28C5F336F186E5D8E94E301EEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1676933712&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1676933712194&bpp=7&bdt=204&idt=313&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7585543611985&frm=20&pv=2&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=339
Frame ID: B76B252694EDF1F1BDA0150333260FED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933712&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933712553&bpp=3&bdt=562&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1c4pYHx1Ok&p=http%3A//smiles.iclou.com.br&dtd=8
Frame ID: 800691964A3A1B93676F5A46BF7939C4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1676933712&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933712553&bpp=1&bdt=562&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=o7AK2oubmp&p=http%3A//smiles.iclou.com.br&dtd=15
Frame ID: 1D16C2BB47CCD0DFC1FDA6E853C1BCDE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933713&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933713233&bpp=1&bdt=1243&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=JarfXZJjY1&p=http%3A//smiles.iclou.com.br&dtd=16
Frame ID: DDD2C235A303E3BECA1A1FA1A9212733
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Frame ID: 74BF4D9B2BB0F3450166B0CD69D0BF57
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41F53849A50A44E594C7D7B63C01BFBC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 18DE78864AE674422A3043CA5D15811E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 047B37939536F9EBDA5F72156DB7D9F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6
Frame ID: E0C1AB46CEF5FAFA62CC9CA2638B76D7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=1&bdt=1994&idt=0&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ps5lQ3e7lD&p=http%3A//smiles.iclou.com.br&dtd=10
Frame ID: 15520483DC9369CA91D9620C867934B8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 25DFF853FDEDED5FBE8EB5883BE08D39
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: E4CEB19ABE64F1EEEB7CB4D2A7BDDC4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5
Frame ID: E6AA999F51D9BFA88AC5216E42DA747C
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 7AF2D776C112C626B52E5B47FD0A9B4B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6171CECAAA0FF3F001CE59C4CFC094B8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 36510B5C40D2670A521EF09B4286D1C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03369A8F6C96C00563AD632A870F4CE2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 9FB79CA9547B104E70B07518ADA71106
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A3D09E82CF16DF0F415F823D4545BD9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 93E5EF74B8426CCC5103F90BF9F2E9B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B85BE22BAFD54480656BCC2305B20D10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D19B1ED1D43748B7B9893361B9F94E46
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMILESpesquisar

Page URL History Show full URLs

http://smailes.com.br/ HTTP 302
http://contatonline.com/?q0zuHW4 Page URL
http://smiles.iclou.com.br/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

176
Requests

79 %
HTTPS

53 %
IPv6

31
Domains

41
Subdomains

25
IPs

2
Countries

1787 kB
Transfer

4689 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://smiles/
Title: Início

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smailes.com.br/ HTTP 302
http://contatonline.com/?q0zuHW4 Page URL
http://smiles.iclou.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://smailes.com.br/ HTTP 302
http://contatonline.com/?q0zuHW4

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 118

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBqUIyrkaPKWY3It-Xjj-lc&google_cver=1&google_push=Aa02lx-G8IjCPZiUlBh2piFeEaHxnaJL4iDPx25bt5HLdGdh-09NqW4pfu-pr8WecQRNZ8ar6VaE3yQexZa-Xgx7MZeLHcFCMLW5sNY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBqUIyrkaPKWY3It-Xjj-lc&google_push=Aa02lx-G8IjCPZiUlBh2piFeEaHxnaJL4iDPx25bt5HLdGdh-09NqW4pfu-pr8WecQRNZ8ar6VaE3yQexZa-Xgx7MZeLHcFCMLW5sNY

Request Chain 119

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKzXvzvzETmHlK7KxLqJzHU&google_cver=1&google_push=Aa02lx-insa8d-rC48AbscEp0o8gymtIjvIRX9V8MLs0EvmTBlH2SOYkWZrFJc5MoklDuBTdtziVitP_D5a7FooygqJiLL9tbdf2ucOM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-insa8d-rC48AbscEp0o8gymtIjvIRX9V8MLs0EvmTBlH2SOYkWZrFJc5MoklDuBTdtziVitP_D5a7FooygqJiLL9tbdf2ucOM&google_hm=LUvX-6UgSKyob3eklScA96M

Request Chain 120

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEVYwwp3l3YF9F485GCSF_M&google_cver=1&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEVYwwp3l3YF9F485GCSF_M&google_cver=1&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=fec4484a-415e-4018-b7dc-69c67383527c&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr&google_hm=J6GPFQbBTVivEtjeBDpiBg==

Request Chain 121

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIhQLbPSqBfhkT4uxQXZsV8&google_cver=1&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdguFVa1fkXqdb63SDt HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIhQLbPSqBfhkT4uxQXZsV8&google_cver=1&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdguFVa1fkXqdb63SDt&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdguFVa1fkXqdb63SDt&google_hm=GMMftGZHiGSb5dsET_OdfDYo

Request Chain 122

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIOfz-iSlt6ESqEqNoi4Tiw&google_cver=1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1676933715171 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0ac859da-5c29-4070-9f28-918420179ed8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg%26google_hm%3DAwrIWdpcKUBwnyiRhCAXntg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg&google_hm=AwrIWdpcKUBwnyiRhCAXntg

Request Chain 123

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEMVdDADVtZdP73P2k2PhAk&google_cver=1&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJyGiqPl HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJyGiqPl&google_gid=CAESEEMVdDADVtZdP73P2k2PhAk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA1NjI2NjMxMDY1NDEyNDY1Nzk4Mg%3D%3D&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJyGiqPl

Request Chain 130

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 141

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBDLwqXlp6Fut8qbCxjN5S8&google_cver=1&google_push=Aa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBDLwqXlp6Fut8qbCxjN5S8&google_cver=1&google_push=Aa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED6H-hJ2gliLEl3-b2pDQCE&google_cver=1&google_push=Aa02lx98aGBypFbmhnnZy5Ypp70n0kdCOS4yBcF_Rdh27qo3GKkifaK-lH89S98qlRLjXitLKuxpHx0Ku_ufnSW9flQ3ExipaEYXU4I HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED6H-hJ2gliLEl3-b2pDQCE&google_cver=1&google_push=Aa02lx98aGBypFbmhnnZy5Ypp70n0kdCOS4yBcF_Rdh27qo3GKkifaK-lH89S98qlRLjXitLKuxpHx0Ku_ufnSW9flQ3ExipaEYXU4I&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLgz5ii3TUqglc97tW2Ycw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx98aGBypFbmhnnZy5Ypp70n0kdCOS4yBcF_Rdh27qo3GKkifaK-lH89S98qlRLjXitLKuxpHx0Ku_ufnSW9flQ3ExipaEYXU4I

Request Chain 145

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELop8fZ_FKdS0ye8XZcq_Pc&google_cver=1&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO9y_Oujs-O5GbCwu9VGsHy020-i9KDR HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELop8fZ_FKdS0ye8XZcq_Pc&google_cver=1&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO9y_Oujs-O5GbCwu9VGsHy020-i9KDR&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO9y_Oujs-O5GbCwu9VGsHy020-i9KDR

Request Chain 146

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFehnICUOKCl2B-n9hJZ_ik&google_cver=1&google_push=Aa02lx_EQ0l0IXLGuPKs20nFzJJ4u-GAiSIfjUHGAPUqG8w0kovcZ1BTsFN03OhNEvbqgJYyWuN8tIf_BbD6yRxOxEriAtc7wCTt7_Wt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_EQ0l0IXLGuPKs20nFzJJ4u-GAiSIfjUHGAPUqG8w0kovcZ1BTsFN03OhNEvbqgJYyWuN8tIf_BbD6yRxOxEriAtc7wCTt7_Wt HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 159

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 163

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cver=1&google_push=Aa02lx8g4gpmJ1jwTOEk_KqnlsIOpwrULlYxHjCe1Hh0zevknC1Bd9W3vGegw8iJ8si9dj7-GMj40XosORHY1d6P1R4SxYUxwbiNfBQU HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cver=1&google_push=Aa02lx8g4gpmJ1jwTOEk_KqnlsIOpwrULlYxHjCe1Hh0zevknC1Bd9W3vGegw8iJ8si9dj7-GMj40XosORHY1d6P1R4SxYUxwbiNfBQU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDhQQk02YTMxUHVmM1o1&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cver=1&google_push=Aa02lx8g4gpmJ1jwTOEk_KqnlsIOpwrULlYxHjCe1Hh0zevknC1Bd9W3vGegw8iJ8si9dj7-GMj40XosORHY1d6P1R4SxYUxwbiNfBQU

Request Chain 164

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKzXvzvzETmHlK7KxLqJzHU&google_cver=1&google_push=Aa02lx_M_GGB0iH9rMGYwsqTc_Q3w-UXxTZMGNFYgZrFrA7EDISY65G65Z2l-xdG7NXoSr6tQZ7ohX6upVTG_6WKUeEppYSYVjUTFSbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_M_GGB0iH9rMGYwsqTc_Q3w-UXxTZMGNFYgZrFrA7EDISY65G65Z2l-xdG7NXoSr6tQZ7ohX6upVTG_6WKUeEppYSYVjUTFSbg&google_hm=LUvX-6UgSKyob3eklScA96M

Request Chain 165

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHiPG-6OMOxkHDnnr7CKumQ&google_cver=1&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td6DHt3-tkVU78Osx1loFgGsnyC8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHiPG-6OMOxkHDnnr7CKumQ&google_cver=1&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td6DHt3-tkVU78Osx1loFgGsnyC8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3MTc1OTE1NTYxMjk4MTY0Nw&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td6DHt3-tkVU78Osx1loFgGsnyC8

Request Chain 166

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELop8fZ_FKdS0ye8XZcq_Pc&google_cver=1&google_push=Aa02lx9UJEXk2El3eKEibC7qW5uT69VgjysJNTBk31t3nCeYCUkzqyGeOkNUlRPfZqXrq3fFn3XNNVY-ZupMyro60_FiojtBs4yvu_k0nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx9UJEXk2El3eKEibC7qW5uT69VgjysJNTBk31t3nCeYCUkzqyGeOkNUlRPfZqXrq3fFn3XNNVY-ZupMyro60_FiojtBs4yvu_k0nw

Request Chain 167

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFehnICUOKCl2B-n9hJZ_ik&google_cver=1&google_push=Aa02lx_NdF_p9OYYVZWQc39rN72I4xxqUnj4P16KICekIME-H7A8LrUbbVUZBNeBP9Uf27TpWpHXUSWizq_z7UfbhT_uxGCiuOpMdEWNFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_NdF_p9OYYVZWQc39rN72I4xxqUnj4P16KICekIME-H7A8LrUbbVUZBNeBP9Uf27TpWpHXUSWizq_z7UfbhT_uxGCiuOpMdEWNFw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 168

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELAGJX3weQAdfEih8Ck3MZc&google_cver=1&google_push=Aa02lx-IwkA4XqdKAfQHi9iQ26oEYei5x_iIdEi9xvY1ufU-zfXICSC6c-lswXnI3x0eL9aUgh9Vy3CLTOMQdHmFz_yWbWfah1Jr35D8Pw HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELAGJX3weQAdfEih8Ck3MZc%26google_cver%3D1%26google_push%3DAa02lx-IwkA4XqdKAfQHi9iQ26oEYei5x_iIdEi9xvY1ufU-zfXICSC6c-lswXnI3x0eL9aUgh9Vy3CLTOMQdHmFz_yWbWfah1Jr35D8Pw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYzNTcyNjc1NzE2MjQwNTk2OA%3D%3D&google_gid=CAESELAGJX3weQAdfEih8Ck3MZc&google_cver=1&google_push=Aa02lx-IwkA4XqdKAfQHi9iQ26oEYei5x_iIdEi9xvY1ufU-zfXICSC6c-lswXnI3x0eL9aUgh9Vy3CLTOMQdHmFz_yWbWfah1Jr35D8Pw

176 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
contatonline.com/
Redirect Chain

http://smailes.com.br/
http://contatonline.com/?q0zuHW4

110 B
367 B

248ms
122ms

Document
text/html

13.58.124.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contatonline.com/?q0zuHW4
Protocol: HTTP/1.1
Server: 13.58.124.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-124-244.us-east-2.compute.amazonaws.com
Software: nginx / PHP/5.6.38
Resource Hash: f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Feb 2023 22:55:11 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.38

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Feb 2023 22:55:11 GMT
Location: http://contatonline.com/?q0zuHW4
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK Primary Request / Show response
smiles.iclou.com.br/ 24 KB
7 KB 575ms
101ms Document
text/html 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx / PHP/7.4.29
Resource Hash: 7bb1088c2d2c90b1238a8beb90f201281c678461b742810f53007747f710abd8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Feb 2023 22:55:11 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 99ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71d89e52fcb66b0ec81fdf081b91cf12fec07a14a31f5406ab15e68018116b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52035
X-XSS-Protection: 0
Server: cafe
ETag: 6801311319387478128
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 20 Feb 2023 22:55:12 GMT

GET
H/1.1 200
OK estilo-laranja.css
smiles.iclou.com.br/css/ 202 KB
27 KB 105ms
105ms Stylesheet
text/css 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/css/estilo-laranja.css
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:28 GMT
Server: nginx
ETag: W/"6018b728-327ff"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 127ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 22:55:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:12 GMT

GET
H/1.1 200
OK topo.jpg
smiles.iclou.com.br/images/ 24 KB
24 KB 200ms
100ms Image
image/jpeg 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://smiles.iclou.com.br/images/topo.jpg
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Last-Modified: Tue, 02 Feb 2021 02:21:31 GMT
Server: nginx
ETag: "6018b72b-5fdd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24541
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK requestData.js Show response
redirecionador.info/relacionados/aereo/ 1 KB
1 KB 272ms
235ms Script
application/javascript 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/requestData.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 11 Feb 2021 20:28:44 GMT
Server: cloudflare
ETag: W/"6025937c-43c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KftDG%2FJsWtiJpG4Qz6dbXh4xPcOBzVAY9rqtntmzFsQv%2F2YSanHB9wU3j8%2FPVTJyNFvYtam%2Bghsn7uZ%2Fk4Ty8CdrOxTfWb59iHUNDq0eaGMwtTC6ge5gXhRrNHRlCeNHcgWnlixFkHqsksgeQRBAdZ51"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
CF-RAY: 79cad4144b823731-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 34ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 29079198
x-jsd-version: 3.3.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdfRwjTBQb8MUSAD2U%2BprKqTxJK6lIx%2BNm6%2FH5wHfrOrn8XNgoBX7HNhqe2LHTWb5C04u6pogL7vYDOWrW0X1SN8LwqZsjUmynLYt6JY%2BYzaviELAlv9KfVI8ZmPTp3MPwn87OvUsA5Iw9kdKy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79cad41428ad6909-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 33ms
15ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 29079214
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hCb1pmWKBE3CiM6s4n7rL0Wk5h%2BdphYqpZ2R%2FsHSu0DlMp57ih0fYApQDN7W0Uodlxth64GgMRIF2G0sqMgYk3qB8TxFIXVs20tPzsb0YHjdfQqKIpqs5GTq%2Bs0W%2FqUn1O6J27m6OoNoFw7uAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79cad41428ae6909-FRA

GET
H2 200 jquery.flexslider.min.js Show response
cdn.jsdelivr.net/npm/flexslider@2.7.1/ 23 KB
7 KB 183ms
165ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: 2.7.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA, cache-yyz4546-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FOJINliHeBFzNVdxn1j1Za2lbcpXg2YCw%2FsNRuy5wWjZJTzfHWrjsK3j0DmIg1nMIOCStLBf%2Foos5ZRAa33LU48ZMmkPwLqlsV0NKrNMkJleCdxL4bNCHk2mpV%2F0X6djdcuNuEj0IAgJ0jmwYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79cad41428af6909-FRA

GET
H/1.1 200
OK scripts.min.js Show response
smiles.iclou.com.br/js/ 2 KB
1 KB 193ms
96ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/scripts.min.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:33 GMT
Server: nginx
ETag: W/"6018b72d-919"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
smiles.iclou.com.br/js/ 10 KB
2 KB 194ms
97ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/ads.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:32 GMT
Server: nginx
ETag: W/"6018b72c-27a5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
121 KB 165ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f13e29f46354f69526cc2e8c236253dccc816dc614b25610449470c99a27bbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122949
x-xss-protection: 0
server: cafe
etag: 8191001917337790004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 22:55:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame 43E5 10 KB
5 KB 117ms
35ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 20:03:26 GMT
etag: 10353107486223812946
expires: Mon, 06 Mar 2023 20:03:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 172ms
75ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:34:14 GMT
x-content-type-options: nosniff
age: 454858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:34:14 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 149ms
53ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 22:11:48 GMT
x-content-type-options: nosniff
age: 261804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:11:48 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 190ms
94ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:18:15 GMT
x-content-type-options: nosniff
age: 499017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 04:18:15 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
4 KB 171ms
64ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

663fcbc4d580e889135cef895af13da480723de31e58ff4e922cf9e758380549

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2908
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 20 Feb 2023 22:55:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 131ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=smiles.iclou.com.br&callback=_gfp_s_&client=ca-pub-8847092362748368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fde80d0932de7f808d4505b4704c7df46af3d049d87eb12a53891aa350a916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 123ms
43ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 128ms
44ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B76B 114 KB
37 KB 781ms
780ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1676933712&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&dt=1676933712194&bpp=7&bdt=204&idt=313&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7585543611985&frm=20&pv=2&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=339

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6d03401a49c19e9ebe09d571ea46902cef5e8e65782f579cc904ecc784a3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:13 GMT
expires: Mon, 20 Feb 2023 22:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__pt_pt.js Show response
www.google.com/cse/static/element/c23214b953e32f29/ 305 KB
102 KB 127ms
47ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__pt_pt.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68459d679310d8dea155e2c6c2e27be5fff75050494105c69cfea7b2c73dabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104146
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 16 Feb 2024 23:15:15 GMT

GET
H2 200 default+pt_PT.css
www.google.com/cse/static/element/c23214b953e32f29/ 41 KB
9 KB 116ms
36ms Stylesheet
text/css 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/default+pt_PT.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 16 Feb 2024 15:14:44 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 121ms
41ms Stylesheet
text/css 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 20 Feb 2023 23:03:12 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8006 102 KB
35 KB 1464ms
1463ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933712&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933712553&bpp=3&bdt=562&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1c4pYHx1Ok&p=http%3A//smiles.iclou.com.br&dtd=8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9a9fb0347c70577441ab6d17b4002c04d4361706cf5e42b839e48208112c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35758
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:13 GMT
expires: Mon, 20 Feb 2023 22:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D16 86 KB
31 KB 891ms
890ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1676933712&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933712553&bpp=1&bdt=562&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=o7AK2oubmp&p=http%3A//smiles.iclou.com.br&dtd=15

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92c21f974c540d742867ea545b594a05375fcdf5dd1c044eb641160120f4f00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31739
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:13 GMT
expires: Mon, 20 Feb 2023 22:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 139 KB
51 KB 81ms
44ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__pt_pt.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc8a6754c7221febe71da5a40cb3eac2c2a2989686d7337695ac820d3891ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "2339977475251885814"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Mon, 20 Feb 2023 22:55:12 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/pt_PT/ 1 KB
2 KB 37ms
35ms Image
image/png 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/pt_PT/branding.png

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:07:07 GMT
x-content-type-options: nosniff
age: 344885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 16 Feb 2024 23:07:07 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 92ms
38ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 22:55:12 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 47ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDD2 107 KB
35 KB 982ms
981ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933713&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933713233&bpp=1&bdt=1243&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=JarfXZJjY1&p=http%3A//smiles.iclou.com.br&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84cdca5f9cf25e00ce9d9a4d7a0d096854814fd6ad329d822cc28558f8c94cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35597
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:14 GMT
expires: Mon, 20 Feb 2023 22:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53fa3260fbd958471f347056eb8fa69c4d15b59b645208adadf193b161050a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52063
x-xss-protection: 0
server: cafe
etag: 17673016339240368198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 22:55:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/ Frame 74BF 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 03:18:45 GMT
etag: 10353107486223812946
expires: Mon, 06 Mar 2023 03:18:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1D16 6 KB
768 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 22:40:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 1D16 2 KB
799 B 171ms
89ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 1D16 22 KB
9 KB 116ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 1D16 3 KB
1 KB 163ms
87ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 1D16 20 KB
8 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D16 156 KB
48 KB 131ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:13 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 1D16 34 KB
14 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1D16 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiO6sUPrzY4KEJObA9u8P9uST4Aat7tKLb8Ofz52uEc2ev8SEORABIJCwhxNgleKQgqAHoAGE6qXzKMgBCakCkeUuekCUgz6oAwHIA8sEqgToAU_Qfjoksj4uV4u1LmPHcsbCrBhs4w-__qFsZf_VM4OaXGFlVnt9e9y7cTyGGIIfAwfdD9zh-i2--v5ZX-kU2eJ8j90UVFn6ClV9_1D6-RwWjO3k5KXNYvxcFYySr0KT0rp9Vs2FzrDQHazq1VH9zVA--JqWnhQMtkJNV5l06RcLpM7vOGiNn_rdMKNdxPwMTLqHMFJq3dB8Tx3B3JjeuHsvZ74ijfdXTTvIBVE0fxtII5Cm4yNhvyoe6UGqQdU1x3PHj-tlkTxToZFYlxBKVT2goQmuB9kj_TD5yZRtkBOT4_4JMzD1gGLABIOU47O1BJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeEovbSA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEInCENIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=B1EQNB1DZAw&uach_m=[UACH]&cid=CAQSGwDUE5ymKI9975Gu5mnR9sArTbFrJ6ng6EmxSBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1676933712&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933712553&bpp=1&bdt=562&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=o7AK2oubmp&p=http%3A//smiles.iclou.com.br&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Feb 2023 22:55:13 GMT

GET
H2 200 6072194739026526744
tpc.googlesyndication.com/simgad/ Frame 1D16 1 KB
1 KB 148ms
78ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6072194739026526744?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08fecbc18a363d643a88541940d63888e1309683c75ff04119a2f6e9263ef518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:46:39 GMT
x-content-type-options: nosniff
age: 43714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1110
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:11:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 10:46:39 GMT

GET
H2 200 12100977170586338315
tpc.googlesyndication.com/simgad/ Frame 1D16 12 KB
12 KB 149ms
79ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12100977170586338315?w=300&h=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03622b888fdb9374c74fb1e350d4fc598aaec7af3f80b835f3fd05336867c848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 11:40:46 GMT
x-content-type-options: nosniff
age: 40467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11902
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 11:30:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 11:40:46 GMT

GET
DATA 200
OK truncated
/ Frame 1D16 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7f18ca2d5e76e6394611c7986e4bc896.js Show response
www.gstatic.com/mysidia/ Frame 74BF 10 KB
4 KB 143ms
83ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 20:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 May 2023 20:19:14 GMT

GET
H2 200 a1380fa1dbb478cac31aa0fcfff4f762.js Show response
www.gstatic.com/mysidia/ Frame 74BF 11 KB
5 KB 139ms
80ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1380fa1dbb478cac31aa0fcfff4f762.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52c106741e95185aabd3207ecd15686e066ae9f516ebd45e87936829c14ca2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4765
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 May 2023 01:32:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 74BF 8 KB
968 B 46ms
44ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 21:01:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 74BF 2 KB
846 B 123ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 74BF 22 KB
9 KB 92ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 74BF 3 KB
1 KB 124ms
77ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 74BF 20 KB
8 KB 116ms
69ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74BF 156 KB
48 KB 146ms
100ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:13 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 74BF 34 KB
14 KB 107ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 1D16 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a012301f2bb133c483369dbd6720cb2d353a89684f58a9896c3175d704633023

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74BF 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6xjtUPrzY52-ItSz9u8P78yksA6CucD3btmrxvbnD-O64evjMBABIJCwhxNgleKQgqAHoAHUn6ndAsgBAakC_tKoKWXssT6oAwHIA8sEqgTyAU_Q5b82rGyvmYYChRuM769gkw3PMTd1tJ7OGj3Tq-6zVltog0UBpapOwXIW5jPWE00xIwIy65KULsqlJsGLpxCZsTlMrJvMusxwgPAw0nM3HJ6g20s8NukISLCSMsTU5I-TN0Xsx3LLf1N8NpXXFtBLl8WVJ5R0YeobnBg8NagwBWw6uSg4wvURy-oBdaUA7UrP-ulWUyMQcyQYl7uo_TLYkFSGzUz4P86nRI2d6EmE9PHqs37Vkt4viML5NzJOiYkKLcfcA4r18-Yud8wYavo0nIkJFamCP0XKRCC3UrNpxywCLegph6owyJVGgpRkK2cRwASkoMi5iASSBQQIBBgBkgUECAUYBIAHlODWogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDOzRnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=-W0fvCi4G4Y&uach_m=[UACH]&cid=CAQSGwDUE5ymbRAia861F4dCaFkcBlJhMlw9m1BpLxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41F5 143 B
166 B 39ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 74BF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59b1107ea7100c985dbf636cb185997be446acc8756b74b63fdfb112b607fab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D16 15 KB
16 KB 38ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 312545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:06:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D16 15 KB
15 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 344767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 23:09:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:13 GMT
expires: Mon, 20 Feb 2023 22:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 18DE 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 047B 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0C1 105 KB
34 KB 1163ms
1162ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f4dacdafc5cab46821fdb0d3c37bf72af904c929945105381bea81afcdcf39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35061
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1552 104 KB
34 KB 890ms
890ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=1&bdt=1994&idt=0&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ps5lQ3e7lD&p=http%3A//smiles.iclou.com.br&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73fced8402e3b26a9d4fcc16019365ea6bf42cef140e7e8d625bfae5d383802a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 34752
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7f18ca2d5e76e6394611c7986e4bc896.js Show response
www.gstatic.com/mysidia/ Frame 8006 10 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 20:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 May 2023 20:19:14 GMT

GET
H2 200 bc63e283f37018142f1a6ba7254ba7c6.js Show response
www.gstatic.com/mysidia/ Frame 8006 10 KB
5 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bc63e283f37018142f1a6ba7254ba7c6.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4610
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 19:09:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8006 8 KB
895 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 21:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 8006 2 KB
799 B 37ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 8006 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 8006 3 KB
1 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 8006 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8006 156 KB
48 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:14 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 8006 34 KB
14 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 25DF 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933712&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933712553&bpp=3&bdt=562&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1c4pYHx1Ok&p=http%3A//smiles.iclou.com.br&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8006 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4833927d10fe0c4f4446d31455446e3d082de650f2d9cbf6db36fdf59b4ce045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8006 28 KB
28 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 452983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 17:05:31 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 25DF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:14 GMT
expires: Mon, 20 Feb 2023 22:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DDD2 2 KB
535 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933713&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933713233&bpp=1&bdt=1243&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=JarfXZJjY1&p=http%3A//smiles.iclou.com.br&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 22:20:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:14 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DDD2 20 KB
21 KB 179ms
47ms Image
image/jpeg 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRxvAFfnNUCf2fLPXyjrCAUekBdhyzaxA83v8155g_Y6xf7eetnAg_6RHPG4g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e5045426b2f131ff916dfacc87708a4629cd36e8e12b0d614a0216b8bce13552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 03:45:41 GMT
x-content-type-options: nosniff
age: 500973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20512
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 15:30:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Feb 2024 03:45:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DDD2 29 KB
29 KB 198ms
48ms Image
image/jpeg 2a00:1450:400d:80e::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRqFZ3FL_trs7jVx0fOU0bJVw47GF1oa8LPqQTZNBcTdPagUFdnPF70i8-SJQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bc917a11446d630bdddce4750531e7fb976b6dc75498876f5fc7e6725f354423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 00:48:26 GMT
x-content-type-options: nosniff
age: 511608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29432
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 06:15:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Feb 2024 00:48:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame DDD2 18 KB
18 KB 178ms
47ms Image
image/jpeg 2a00:1450:400d:803::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRK7cLw0ylGiRW85jxQrU8MM9w4kH4OSJ-hxXwQ92_Fzl5307iJHFVfSsfAhDw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b92bb04925973f7b610e03bf5f8a7622e19fba98998b01f28d325ba50780a20b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 00:48:26 GMT
x-content-type-options: nosniff
age: 511608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18072
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:29:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Feb 2024 00:48:26 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DDD2 14 KB
14 KB 223ms
93ms Image
image/png 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSng1Kj6ZzGlXRHr4xv55DcnMBbUHGUS2E2U5BienWspvDCwjej&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cbdf026f0e3ad6909f663b18a4636e25d12927f278563bdd2ee387a55677d87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:12:54 GMT
x-content-type-options: nosniff
age: 330140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 06:46:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 17 Feb 2024 03:12:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame DDD2 2 KB
765 B 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DDD2 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKfslUfrzY8jqEL6D9u8Poq2teI2eye5urZux6sYQjr6w0pQ3EAEgkLCHE2CV4pCCoAegAbOG6-EoyAEJqQL-0qgpZeyxPqgDAcgDywSqBOcBT9AZy2YfJtiS80qAR06JLCDCnArGtbbC-uleAnCBEqMpO_qe6IGB6OKru4Xfxw7uhbioQc9p2HZY6s-p5Mim_-AfUKfDlmwjcwFUkRTo0-gtlfjPTlB_hmQyheAD7vntSxJsvL4mOKQbgr_iqNeeof3_AcaqyVzToExQaGtDTZ75kowCe55gmkCq-3hRDgHJDPTnWGUotkiA8F3-BTb1LxYvxhmIteox_6h9zhSVU58x5gHWBbFgGjNwyapsV9XxbTZpH3X2rakihYHSMHXv_WUAOlJcWa4JlLS1xgwS-IPnLVqzZu_awASQk-CnmASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHo52KvwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQkYQG0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=BhVXWPu5JeQ&uach_m=[UACH]&cid=CAQSTADUE5ym1BlxiIzYJCM6hLVKsQxGpbvInWpaSlF8IxeetBG3ydUVzP18mSBTmkJG8eH_aa5hp5cwRSRLKMfLbItqCi_OUjSs8RyS0GEYAQ&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933713&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933713233&bpp=1&bdt=1243&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=JarfXZJjY1&p=http%3A//smiles.iclou.com.br&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame DDD2 22 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame DDD2 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame DDD2 20 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDD2 156 KB
48 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:14 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame DDD2 34 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8006 0
18 B 84ms
84ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIYSiUPrzY-LfI73K7_UP54KlyAiD5pHIbrrD3qGkEaLi-_qwKRABIJCwhxNgleKQgqAHoAHb4p_JA8gBAakCBVsasuX_iT6oAwHIA8MEqgTmAU_QTFJPIkCEi0L2KHbsl69jiqA8JGX9NE61A9hamPHvLg3K61KXaaSvjq7xOfyuoo_oep6V0hmwm2AvhZV0X5yCpyQFkh5yToH43xnonfsT-Arnb3be_dKkKubsI_6_meRK7Nc6xYh4pVDeTM4RTts261IIRwpKYPJ1IhnI_ljxK59fq6xVC1VYqtrRZ5cqODZOdZJ8-NDCSjsLHRXm-Q7r8pj2EBtSLfbYS9yUIYHmJS01J6tmXMEzAJyIl79NjGtH5D-aKgjIqxADk_Rpux5SW-JV2TGV6ajMCnRWYrwO12Nq5gcJwATthdjrmwSSBQQIBBgBkgUECAUYBKAGZoAHjZ3gNqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIuOaNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg4NDcwOTIzNjI3NDgzNjgYAA&sigh=tvuguyJUvVs&uach_m=[UACH]&cid=CAQSGwDUE5ymPsfHOrAPAivd__wG8smrd_GzrCGNmBgB&cbvp=2&vis=1

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933712&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933712553&bpp=3&bdt=562&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1c4pYHx1Ok&p=http%3A//smiles.iclou.com.br&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame E4CE 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
DATA 200
OK truncated
/ Frame DDD2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c774664099b7b48b0f682fae4f3434228857a224eb3642fdaba08a29d835fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DDD2 20 KB
20 KB 37ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 20:24:54 GMT
x-content-type-options: nosniff
age: 441020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 20:24:54 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6AA 110 KB
34 KB 1222ms
1221ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a67f80d7e35eef5c12d337314a480c616e7e5da91a6be90537a08201b1cd062f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 34939
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AF2 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D16 42 B
64 B 153ms
75ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbglgQJZ4XkKX-cs9OAAc7TzQN4qgy-Cp4f2k3ozqdKsNpg9git8drEPmtv7ENnd-fPA7YOJmPT9_sabQSH5ER4f4_0ER5S22UYLAIJQOec8pKOv4aAK9G66B7owgzcg50jgJcTA&sai=AMfl-YTHgXIyrSv9__0FUw2Staf-U7N3Y8AfOD4FDRDNRjDqnAdZTHQpsWaEQI2R2cqABTUIeTdxMmK-RqM8&sig=Cg0ArKJSzCJHyQwuYWrVEAE&cid=CAQSGwDUE5ymKI9975Gu5mnR9sArTbFrJ6ng6EmxSBgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=291284351&rs=2&la=0&cr=0&vs=4&r=v&rst=1676933712570&rpt=1285&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74BF 42 B
64 B 153ms
76ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFfjlToUTICGX1u0n58Y1h41zW71cl1_NKZggPq2oVoiD51DtejU5nl0ffpGIjwUU3ycXuFwwakXblLhlUV9qlKsw-u4gFS8_YEsWxRTf-DjD8U3IgVdJ-jD53YgqPfN-4WeITgg&sai=AMfl-YQPDuy_vDXSvrP4gcIjE2afoj5chvK4C7V8rcqgiv8ZnXOiUmMZ_0Q0X0LTRV2UDqn374C__SGmr3s3&sig=Cg0ArKJSzCRGlnAyq3gAEAE&cid=CAQSGwDUE5ymbRAia861F4dCaFkcBlJhMlw9m1BpLxgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=97,780,1002,1044,1044&tos=97,683,222,42,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1676933713455&rpt=355&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1552 4 KB
621 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=1&bdt=1994&idt=0&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ps5lQ3e7lD&p=http%3A//smiles.iclou.com.br&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 22:17:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 1552 2 KB
765 B 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1552 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBYBRUvrzY9WQAfS_9u8PiMGDkAfvg8Shbr_Ir6y_DszHmqb9CBABIJCwhxNgleKQgqAHoAGwuqHXA8gBCakC_EL8qeLssT6oAwHIA8sEqgTpAU_QItmyICJ7PlD7bC3ocZ5Y9kejoMqGyMUFi9FORiFgOoTAMuCICbZGGuxBHjFcF4mkVlzcjMxh9WKY_YorDGUR_O-5brmpe_L1EfXK549a7RyvYUzlqRiPeEnbL9ToAClEwah7OF9WiOITP4CYNO7uvZRVSccsdiHMCWxZL0Vb7mGEg19dGQTuPI59d08fjfrhRhTILFNLc3ytwS-fNBLn-amopenZ5FNRjJwDE2o0Xc4_5mzyC2pPspOjedU4J0bXLyZEKkw7p13pAc1eVK_MzYlH-kALdknGPWZ7U6k2dqOuJDzFdpqbwATJmKmq4AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDbygHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=dM8prSA81aU&uach_m=[UACH]&cid=CAQSPADUE5ymK5VQOt65RWvhvhanxMGU55XQ-9aecoSDQBRJR3WJj9GUcDYjDIk2EY-ceRU9CJ-AGt-I8NSTtRgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=1&bdt=1994&idt=0&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ps5lQ3e7lD&p=http%3A//smiles.iclou.com.br&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1552 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 1552
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

36ms
36ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:05:25 GMT
x-content-type-options: nosniff
age: 359389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 19:05:25 GMT

Redirect headers

date: Mon, 20 Feb 2023 04:32:37 GMT
x-content-type-options: nosniff
server: cafe
age: 66157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Mar 2023 04:32:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 1552 22 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 1552 3 KB
1 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 1552 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1552 156 KB
48 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:14 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 1552 34 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6171 1 KB
643 B 44ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Tue, 21 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1552 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 916cf4e42145ac570ddb58673642d98029e4f3fa9dcf49e8095f71c70dbbbec1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1552 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 455545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:22:50 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6171 0
104 B 109ms
27ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECjwsXMr7Ut2DTBxTbic-mg&google_cver=1&google_push=Aa02lx9pffJUAPmnYL7f6-hGa_bVLa-NNpvnpD4Gh7gjlgAHud1wpBgJwZKbbEgK4_D-dms7abDSR-fJbsaqkRpSXlY3UMtM4VWNohR7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=1&bdt=1994&idt=0&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ps5lQ3e7lD&p=http%3A//smiles.iclou.com.br&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBqUIyrkaPKWY3It-Xjj-lc&google_push=Aa02lx-G8IjCPZiUlBh2piFeEaHxnaJL4iDPx25bt5HLdGdh-09NqW4pfu...

170 B
232 B

49ms
48ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBqUIyrkaPKWY3It-Xjj-lc&google_push=Aa02lx-G8IjCPZiUlBh2piFeEaHxnaJL4iDPx25bt5HLdGdh-09NqW4pfu-pr8WecQRNZ8ar6VaE3yQexZa-Xgx7MZeLHcFCMLW5sNY

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220049-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676933715.189898,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBqUIyrkaPKWY3It-Xjj-lc&google_push=Aa02lx-G8IjCPZiUlBh2piFeEaHxnaJL4iDPx25bt5HLdGdh-09NqW4pfu-pr8WecQRNZ8ar6VaE3yQexZa-Xgx7MZeLHcFCMLW5sNY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKzXvzvzETmHlK7KxLqJzHU&google_cver=1&google_push=Aa02lx-insa8d-rC48AbscEp0o8gymtIjvIRX9V8MLs0EvmTBlH2SOYkWZrFJc5MoklDuBTdtziVitP_D5a...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-insa8d-rC48AbscEp0o8gymtIjvIRX9V8MLs0EvmTBlH2SOYkWZrFJc5MoklDuBTdtziVitP_D5a7FooygqJiLL9tbdf2ucOM&google_hm=LUvX-6UgSKyob3ek...

170 B
329 B

48ms
45ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-insa8d-rC48AbscEp0o8gymtIjvIRX9V8MLs0EvmTBlH2SOYkWZrFJc5MoklDuBTdtziVitP_D5a7FooygqJiLL9tbdf2ucOM&google_hm=LUvX-6UgSKyob3eklScA96M

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-insa8d-rC48AbscEp0o8gymtIjvIRX9V8MLs0EvmTBlH2SOYkWZrFJc5MoklDuBTdtziVitP_D5a7FooygqJiLL9tbdf2ucOM&google_hm=LUvX-6UgSKyob3eklScA96M
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEVYwwp3l3YF9F485GCSF_M&google_cver=1&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmN...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEVYwwp3l3YF9F485GCSF_M&google_cver=1&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjle...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=fec4484a-415e-4018-b7dc-69c67383527c&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr&google_hm=J6GPFQbBTVivEtjeBDp...

170 B
188 B

44ms
44ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr&google_hm=J6GPFQbBTVivEtjeBDpiBg==

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr&google_hm=J6GPFQbBTVivEtjeBDpiBg==
date: Mon, 20 Feb 2023 22:55:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIhQLbPSqBfhkT4uxQXZsV8&google_cver=1&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdgu...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIhQLbPSqBfhkT4uxQXZsV8&google_cver=1&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdgu...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdguFVa1fkXqdb63SDt&google_hm=GMMftGZHiGSb5dsET_...

170 B
232 B

55ms
54ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdguFVa1fkXqdb63SDt&google_hm=GMMftGZHiGSb5dsET_OdfDYo

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 20 Feb 2023 22:55:15 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-iX9eaPChS7RHZmJ3J1Vt-W0XkbedYEUcyGnCWmph3t286aW37Jv2lMlBxUM2U_DXKihDO7q0q3OWOQJdguFVa1fkXqdb63SDt&google_hm=GMMftGZHiGSb5dsET_OdfDYo
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-0ac859da-5c29-4070-9f28-918420179ed8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8DaKXr0rXm_sam-Izxq...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg&google_hm=AwrIWdpcKUBwnyiRhCAXntg

170 B
232 B

48ms
48ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg&google_hm=AwrIWdpcKUBwnyiRhCAXntg

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8DaKXr0rXm_sam-Izxqx8ZEwaveVkOO3ffUpxMBfs494XxM8mgJyVfvE6gsCJjfi4piGcsxMiMZUebXMd4Rn10dwJ6Aa3tvgg&google_hm=AwrIWdpcKUBwnyiRhCAXntg
date: Mon, 20 Feb 2023 22:55:15 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0ac859da5c2940709f28918420179ed8003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEMVdDADVtZdP73P2k2PhAk&google_cver=1&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJ...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJy...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA1NjI2NjMxMDY1NDEyNDY1Nzk4Mg%3D%3D&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNP...

170 B
232 B

48ms
47ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA1NjI2NjMxMDY1NDEyNDY1Nzk4Mg%3D%3D&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJyGiqPl

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA1NjI2NjMxMDY1NDEyNDY1Nzk4Mg%3D%3D&google_push=Aa02lx-hziJrCM8wSF2qosqmefZ-MFEd6wxjPxT11aSjHsg3XOpbfDNPkDhUnhOBrBs4wMPmmwyA2iY2vbLm3hwTvY_8y277tJyGiqPl
date: Mon, 20 Feb 2023 22:55:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6171 0
130 B 149ms
50ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPf9nZSK_Qyw_lX85PsEPM7pwdDfaqT7N7IcYfDjzYfRSbN_MtPbiveI_mNkohLYnIh7mN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3651 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E0C1 4 KB
621 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 21:40:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame E0C1 2 KB
765 B 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0C1 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFarPUvrzY-1y_svv9Q_9pJKwAu-DxKFuv8ivrL8OzMeapv0IEAEgkLCHE2CV4pCCoAegAbC6odcDyAEJqQL-0qgpZeyxPqgDAcgDywSqBOkBT9A-GTESeRoIAbRu4f5xfO_-Zf27Oo6BDf0M_PiMZcGgqU6uU_iae8bnT4iguO4keTC7pZcCBHxaAwNzrYj6fRwife69SchE32v9PZ_FztNMnVBZfmfR3AoWQ4l2S-bupPtW9qxUwXTcJEtK2-xL0xt7kZXtDavkr8EWKaRIFk2Niij6OM3EQAmj7ekmEQl2akiw1V8Z6z2WBtyBZ8wFuhSsp_7IsNbGI8L6AafgkyrsexVMgGdUpsC15x1Jl7X-PeqGsVNX75UzOqClxo1ZxF7EZ-V9JOvDAT2jBuT-QR5LjH_1B9iz_PzABMmYqargA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJW0AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTg4NDcwOTIzNjI3NDgzNjgYAA&sigh=orgn6JNKWe4&uach_m=[UACH]&cid=CAQSPADUE5ymhQ9vqnZ6YBOglSNJhVShcdNscF8xI7SCciiVd8bZAadBnORlcvaJ3gv5y1nTBl3ZAwu1fTHIDBgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E0C1 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame E0C1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

36ms
35ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:05:25 GMT
x-content-type-options: nosniff
age: 359390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 19:05:25 GMT

Redirect headers

date: Mon, 20 Feb 2023 04:32:37 GMT
x-content-type-options: nosniff
server: cafe
age: 66158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Mar 2023 04:32:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame E0C1 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame E0C1 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame E0C1 20 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0C1 156 KB
48 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:15 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame E0C1 34 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0336 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Tue, 21 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E0C1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab1525614eeaf16e6be748bca0e1ea5086842acf4c4a4fcb148b7988214a26f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8006 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8bv07Sq4G2TiZpCsr95LRFJjt6PqU614vHEvJf6GD-6CDX5e64BdtSCuv4sk2eD50PMQkUykaWsAaxRBD0uKIecMwenComcCFs_m0oOgh5J-WrmeAW-tA5QK021UTpK_nRDSIeg&sai=AMfl-YToZNWDwDWLVnFlgc_1CVJivA-jcTV3xj9ZaGZsPg6Y0wRTPWHHr9Akm4xo3U5pftO81qsftyPcq_cL&sig=Cg0ArKJSzAQBd0G0kiDwEAE&cid=CAQSGwDUE5ymPsfHOrAPAivd__wG8smrd_GzrCGNmBgB&id=lidar2&mcvt=1000&p=0,0,280,770&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3582736694&rs=2&la=0&cr=0&vs=4&r=v&rst=1676933712564&rpt=1712&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E0C1 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 455545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:22:50 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0336 0
103 B 17ms
15ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECjwsXMr7Ut2DTBxTbic-mg&google_cver=1&google_push=Aa02lx90N36XdQvEjqm-Qn55ubaP7WIvNlwLNpe3wyl2XPLwY4OUORoLUT_m-YnZu0R-6tWwDq1OT_JxLEPwG2tKsJ3kDd8odpxoccY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0336
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBDLwqXlp6Fut8qbCxjN5S8&google_cver=1&google_push=Aa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCk...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBDLwqXlp6Fut8qbCxjN5S8&google_cver=1&google_push=Aa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703Gm...

43 B
428 B

200ms
185ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBDLwqXlp6Fut8qbCxjN5S8&google_cver=1&google_push=Aa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79cad42a0e5335f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 390
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBDLwqXlp6Fut8qbCxjN5S8&google_cver=1&google_push=Aa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WPWvZBYLnK8NC2Og-aAFtEcbVtYMnfQaTNARZ2gM8ROvRIHPDV9IGkb7VDs-bNSC0CdDwMMZsMuyMpd9nWnAmWR703GmCkg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79cad428ed3635f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0336 0
174 B 83ms
18ms Image
text/plain 34.96.105.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPnLf10cfa88JPCA2RwpCi8&google_cver=1&google_push=Aa02lx_GRevZ9OkiqtzdpKt5d5EoIZvMx-TPUdAPqpTvcQUUmgHEm6UmrAlV2J5RcOs0sIwhx121bheSgGWhQsD6KqSdyE9NFXx4b4A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET google_pixel
ads.travelaudience.com/ Frame 0336 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0336
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLgz5ii3TUqglc97tW2Ycw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

45ms
45ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLgz5ii3TUqglc97tW2Ycw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx98aGBypFbmhnnZy5Ypp70n0kdCOS4yBcF_Rdh27qo3GKkifaK-lH89S98qlRLjXitLKuxpHx0Ku_ufnSW9flQ3ExipaEYXU4I

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLgz5ii3TUqglc97tW2Ycw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx98aGBypFbmhnnZy5Ypp70n0kdCOS4yBcF_Rdh27qo3GKkifaK-lH89S98qlRLjXitLKuxpHx0Ku_ufnSW9flQ3ExipaEYXU4I
date: Mon, 20 Feb 2023 22:55:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0336
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELop8fZ_FKdS0ye8XZcq_Pc&google_cver=1&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELop8fZ_FKdS0ye8XZcq_Pc&google_cver=1&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDln...

170 B
188 B

45ms
45ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO9y_Oujs-O5GbCwu9VGsHy020-i9KDR

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx_oQ0Djzf4UkztPhF4G-GiWrHaa28d8Ww6IPXoTti7aVQAiVtDlnK0mxUmffFuNiqj_UO9y_Oujs-O5GbCwu9VGsHy020-i9KDR
date: Mon, 20 Feb 2023 22:55:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 0336
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFehnICUOKCl2B-n9hJZ_ik&google_cver=1&google_push=Aa02lx_EQ0l0IXLGuPKs20nFzJJ4u-GAiSIfjUHGAPUqG8w0kovcZ1BTsFN03OhNEvbqgJYyWuN8tIf_BbD...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_EQ0l0IXLGuPKs20nFzJJ4u-GAiSIfjUHGAPUqG8w0kovcZ1BTsFN03OhNEvbqgJYyWuN8tIf_BbD6yRxOxEriAtc7wCTt7_Wt
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.89.9.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

51.89.9.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0336 0
49 B 46ms
45ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9GWTllMi5TYxpUDC5L18s12D8BTEjLPWsfR3W9H2Pb8akDXkL-IyWPQSj_aLL1b6vpnzyM7U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FB7 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1676933713&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1676933713984&bpp=2&bdt=1993&idt=-M&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3yjm3NzuAj&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E6AA 4 KB
621 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 22:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 22:48:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 22:55:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame E6AA 2 KB
765 B 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6AA 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHuIGUvrzY_GnHOWU9u8P0_2DoA3vg8Shbr_Ir6y_DszHmqb9CBABIJCwhxNgleKQgqAHoAGwuqHXA8gBCakC_tKoKWXssT6oAwHIA8sEqgTpAU_QyIHRh-okX5-BB7rZjQkXVUwvwF_pc7ZjiTJL4XXynSZI1cQCfHhpBIGhhuFYCEY7--iCSITWk_HZXdCL4ExHDfRKVqCdODlSJ02eCiJSgYI3bh-1Hfn3bdUoO9xzl7Yqn4V6uyQd19ABcrVQagqLAgChsMiRblIZ32O0lxuj8MEQKLc8x6zmAVcpTBI-ccA6xcRIU-Hplyps0r7YYrWtHjs6Em6Ya67fSk2ZcC7SpAuVY2hS2T1EoDonpW-fSiDI6kY4_Ag4VJHpi6KNcXZnoEfVEYW2OpvxLCxZ1NFY5mYLafVMQIOvwATJmKmq4AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDunwXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=IrKEvZT_EN8&uach_m=[UACH]&cid=CAQSPADUE5ymr1PCJjLhHJ2sh41V49Pu_nBUtlNyT_GYzyK65UNcnyf-T3HbEC1rhxhlAKDouOwfZHSrVXEYthgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 22:55:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame E6AA 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:12:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame E6AA 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:47:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame E6AA 20 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 17:13:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6AA 0
0 44ms
43ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeMD5Cx5AhR_M652Jac7ZUm-yUc7pJ3JQ_zInt-IfcycRNugvenOFsoezKL8t7_wz6CUzTmhc67AMB2j1j9Un1v-RSrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6AA 156 KB
48 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:15 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame E6AA 34 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
DATA 200
OK truncated
/ Frame E6AA 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame E6AA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

36ms
35ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:05:25 GMT
x-content-type-options: nosniff
age: 359390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 19:05:25 GMT

Redirect headers

date: Mon, 20 Feb 2023 04:32:37 GMT
x-content-type-options: nosniff
server: cafe
age: 66158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Mar 2023 04:32:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2A3D 1 KB
643 B 37ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Tue, 21 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E6AA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25d428e2acd506a14924b79be04f751e52a784f5404333f53d1f075b63411396

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2A3D 0
103 B 16ms
14ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECjwsXMr7Ut2DTBxTbic-mg&google_cver=1&google_push=Aa02lx8i0YlsatUdoye8WwRAScgYhMB1vrncNvnep8b6N8DfzE6WzgW_1eYKozOxrJXRXEUQavlvqPSx4xUWFGzvfB9sUxN--l0O6Gg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A3D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDhQQk02YTMxUHVmM1o1&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cver=1&google_push=Aa02lx8g4gpmJ1jwTOEk_KqnlsIOpwrULlYxHjCe1Hh0zev...

170 B
188 B

45ms
44ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDhQQk02YTMxUHVmM1o1&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cver=1&google_push=Aa02lx8g4gpmJ1jwTOEk_KqnlsIOpwrULlYxHjCe1Hh0zevknC1Bd9W3vGegw8iJ8si9dj7-GMj40XosORHY1d6P1R4SxYUxwbiNfBQU

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 22:55:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-080788359912fe49e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDhQQk02YTMxUHVmM1o1&google_gid=CAESEA4ftaZteKahVDZjgqYk85w&google_cver=1&google_push=Aa02lx8g4gpmJ1jwTOEk_KqnlsIOpwrULlYxHjCe1Hh0zevknC1Bd9W3vGegw8iJ8si9dj7-GMj40XosORHY1d6P1R4SxYUxwbiNfBQU
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A3D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKzXvzvzETmHlK7KxLqJzHU&google_cver=1&google_push=Aa02lx_M_GGB0iH9rMGYwsqTc_Q3w-UXxTZMGNFYgZrFrA7EDISY65G65Z2l-xdG7NXoSr6tQZ7ohX6upVT...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_M_GGB0iH9rMGYwsqTc_Q3w-UXxTZMGNFYgZrFrA7EDISY65G65Z2l-xdG7NXoSr6tQZ7ohX6upVTG_6WKUeEppYSYVjUTFSbg&google_hm=LUvX-6UgSKyob3ek...

170 B
188 B

45ms
44ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_M_GGB0iH9rMGYwsqTc_Q3w-UXxTZMGNFYgZrFrA7EDISY65G65Z2l-xdG7NXoSr6tQZ7ohX6upVTG_6WKUeEppYSYVjUTFSbg&google_hm=LUvX-6UgSKyob3eklScA96M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_M_GGB0iH9rMGYwsqTc_Q3w-UXxTZMGNFYgZrFrA7EDISY65G65Z2l-xdG7NXoSr6tQZ7ohX6upVTG_6WKUeEppYSYVjUTFSbg&google_hm=LUvX-6UgSKyob3eklScA96M
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A3D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHiPG-6OMOxkHDnnr7CKumQ&google_cver=1&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td6D...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHiPG-6OMOxkHDnnr7CKumQ&google_cver=1&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3MTc1OTE1NTYxMjk4MTY0Nw&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td...

170 B
188 B

45ms
45ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3MTc1OTE1NTYxMjk4MTY0Nw&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td6DHt3-tkVU78Osx1loFgGsnyC8

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3MTc1OTE1NTYxMjk4MTY0Nw&google_push=Aa02lx8nKIIRULSocKqVuQGbF6kH-7luHt2wviNsip1bMPW7Yqxezh8mOqXyHBxxoXgcgtg0I5E0Td6DHt3-tkVU78Osx1loFgGsnyC8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A3D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELop8fZ_FKdS0ye8XZcq_Pc&google_cver=1&google_push=Aa02lx9UJEXk2El3eKEibC7qW5uT69VgjysJNTBk31t3nCeYCUkzqyGeOkNUlRPfZqXrq3fFn3...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx9UJEXk2El3eKEibC7qW5uT69VgjysJNTBk31t3nCeYCUkzqyGeO...

170 B
188 B

45ms
44ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx9UJEXk2El3eKEibC7qW5uT69VgjysJNTBk31t3nCeYCUkzqyGeOkNUlRPfZqXrq3fFn3XNNVY-ZupMyro60_FiojtBs4yvu_k0nw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wOEJUbndORTJ1SFJ4N3FsSGkzLmZEZzBYbVlhUXY2eH5B&google_push=Aa02lx9UJEXk2El3eKEibC7qW5uT69VgjysJNTBk31t3nCeYCUkzqyGeOkNUlRPfZqXrq3fFn3XNNVY-ZupMyro60_FiojtBs4yvu_k0nw
date: Mon, 20 Feb 2023 22:55:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 2A3D
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFehnICUOKCl2B-n9hJZ_ik&google_cver=1&google_push=Aa02lx_NdF_p9OYYVZWQc39rN72I4xxqUnj4P16KICekIME-H7A8LrUbbVUZBNeBP9Uf27TpWpHXUSWizq_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_NdF_p9OYYVZWQc39rN72I4xxqUnj4P16KICekIME-H7A8LrUbbVUZBNeBP9Uf27TpWpHXUSWizq_z7UfbhT_uxGCiuOpMdEWNFw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.89.9.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A3D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELAGJX3weQAdfEih8Ck3MZc&google_cver=1&google_push=Aa02lx-IwkA4XqdKA...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELAGJX3weQAdfEih8Ck3MZc%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYzNTcyNjc1NzE2MjQwNTk2OA%3D%3D&google_gid=CAESELAGJX3weQAdfEih8Ck3MZc&google_cver=1&google_push=Aa02lx-IwkA4XqdKAfQHi9iQ26oEYei5x_...

170 B
188 B

45ms
44ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYzNTcyNjc1NzE2MjQwNTk2OA%3D%3D&google_gid=CAESELAGJX3weQAdfEih8Ck3MZc&google_cver=1&google_push=Aa02lx-IwkA4XqdKAfQHi9iQ26oEYei5x_iIdEi9xvY1ufU-zfXICSC6c-lswXnI3x0eL9aUgh9Vy3CLTOMQdHmFz_yWbWfah1Jr35D8Pw

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 20 Feb 2023 22:55:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 11033b7d-c2aa-4fa0-97fb-8741c74a1f3f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYzNTcyNjc1NzE2MjQwNTk2OA%3D%3D&google_gid=CAESELAGJX3weQAdfEih8Ck3MZc&google_cver=1&google_push=Aa02lx-IwkA4XqdKAfQHi9iQ26oEYei5x_iIdEi9xvY1ufU-zfXICSC6c-lswXnI3x0eL9aUgh9Vy3CLTOMQdHmFz_yWbWfah1Jr35D8Pw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2A3D 0
12 B 43ms
42ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6ittYTbzDyeGfsfe_7FgusVYLQEYvmUieRx_CAlgq3Mf6ZHBS9h9e3riL1vzWL8Mke4UShJ5H

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E6AA 16 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 455545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:22:50 GMT

POST
H/1.1 200
OK printData.php Show response
redirecionador.info/relacionados/aereo/ 7 KB
2 KB 247ms
234ms XHR
text/html 2606:4700:3034::6815:5f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/printData.php
Requested by: Host: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/requestData.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5f5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash: 4c3d217e121f14401fd4763cb559435eaf76f331644b595fba6465fe34059dc0

Request headers

Referer: http://smiles.iclou.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 20 Feb 2023 22:55:16 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Powered-By: PHP/5.6.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quElRmaz%2BsbW6EeN836T1lrJqviTRQ6TpWFNwf33w0Ipo37g7WEOfUq2UOEj5Lg27nRUJgADlxVihvv6NuWArwbuTZPybbpSI5AxgcLAYmus5rQnpK2JdrhaIhPsexDX9ZnV%2B3uoE9zMDuX3VfJyEuG8"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 79cad42c1f26361b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da48451153aa542861e78a2521dee5200760519b039f26f38832a7992b4a8e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11334
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 93E5 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1676933714&rafmt=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676933714432&bpp=1&bdt=2441&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5759ff29c8d1bf-2218ff11a4dc00fa%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg&gpic=UID%3D00000bb9ecdeef9a%3AT%3D1676933712%3ART%3D1676933712%3AS%3DALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=7585543611985&frm=20&pv=1&ga_vid=337267085.1676933713&ga_sid=1676933713&ga_hid=1936392207&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071870%2C31071263&oid=2&psts=AD37Y7vrthfTQTJEGYGtrGX8qhd9b5LTOFSLtyq8tVmFapYo0FfxK8Y6JqTBbUe9tazNvfZRdCQaSgnxA49B0QRzwA%2CAD37Y7t29bm8qN0VPJ7BzRFiK0V3X1BQeNbONauR2MVMVxPKk4ZQyxwy5SGZeDke7qWn5BrlMWL2c7-tSWKXFb9uEztUPBF-W8ztl0JE9gKtLyM%2CAD37Y7unrdo7xiC5FwijIgSbeO1rLei18uorHkuUV6pyWy7yCi1XEkefis9UKgIKaVAIMDK0IFAYYtmHUNIOtZY%2CAD37Y7tsbAarmlj7y41BGVyjONb9RITV7_tXlmDbDN11-0UMunY57UFvN-rfkYROPm71BtPypm-5ZROzjd5bcf4B4w&pvsid=2655642356410302&tmod=851272355&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=XOnoLGHMYM&p=http%3A//smiles.iclou.com.br&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 22:55:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B85B 13 KB
5 KB 37ms
35ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 20:51:04 GMT
expires: Tue, 20 Feb 2024 20:51:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D19B 783 B
535 B 47ms
46ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9abe08ba730619f495b6166115ef3c3a267bdab13bde194642bed5ea766009dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2SayanL6cPLNjXoWFKSJ6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-2SayanL6cPLNjXoWFKSJ6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 22:55:16 GMT
expires: Mon, 20 Feb 2023 22:55:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame B85B 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D19B 0
0 69ms
68ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=2655642356410302&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET livelo.jpg
redirecionador.info/relacionados/aereo/ 0
0

GET azullinhasaereas.jpg
redirecionador.info/relacionados/aereo/ 0
0

GET petrobraspremia.jpg
redirecionador.info/relacionados/aereo/ 0
0

GET smilles.jpg
redirecionador.info/relacionados/aereo/ 0
0

GET latamcargo.jpg
redirecionador.info/relacionados/aereo/ 0
0

GET voejet.jpg
redirecionador.info/relacionados/images/ 0
0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B85B 0
11 B 35ms
35ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u5oKjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:55:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.travelaudience.com
URL: https://ads.travelaudience.com/google_pixel?google_gid=CAESEOJVvUiDRAm2RDFga_BR1cQ&google_cver=1&google_push=Aa02lx-7UGkLyN22H9WoFe4NqwVNA0PzXob5n6uQc3uSGJhLTYCtDaVxCVCUTBnSGcJhfSgijarkff5JruOP47mkKU2eJRfhbjte2V4

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/livelo.jpg

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/azullinhasaereas.jpg

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/petrobraspremia.jpg

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/smilles.jpg

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/latamcargo.jpg

Domain: redirecionador.info
URL: http://redirecionador.info/relacionados/images/voejet.jpg

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iclou.com.br/	1970-01-20 19:10:29	Name: __gads Value: ID=9c5759ff29c8d1bf-2218ff11a4dc00fa:T=1676933712:RT=1676933712:S=ALNI_MZ-7DyC7uz-rwBwLqnEFkLJI0ZBeg
.iclou.com.br/	1970-01-20 19:10:29	Name: __gpi Value: UID=00000bb9ecdeef9a:T=1676933712:RT=1676933712:S=ALNI_MYvAT4whp-q6eJs8-76_igNkXAp0g
.doubleclick.net/	1970-01-20 19:10:29	Name: IDE Value: AHWqTUmrzP-R3GZIZpPpOkCoSPf6MBFCc4nu7GPQLiMzpOs6X7g1SKDkSfkf9CPbI6Q
.doubleclick.net/	1970-01-20 09:48:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 09:48:54	Name: test_cookie Value: CheckForPermission
.3lift.com/	1970-01-20 11:58:29	Name: tluid Value: 4056266310654124657982
.bidswitch.net/	1970-01-20 18:34:29	Name: tuuid Value: 27a18f15-06c1-4d58-af12-d8de043a6206
.bidswitch.net/	1970-01-20 18:34:29	Name: c Value: 1676933715
.bidswitch.net/	1970-01-20 18:34:29	Name: tuuid_lu Value: 1676933715
.lijit.com/	1970-01-20 18:34:29	Name: ljt_reader Value: GMMftGZHiGSb5dsET_OdfDYo
.ctnsnet.com/	1970-01-20 18:34:29	Name: cid_2d4bd7fba52048aca86f77a4952700f7 Value: 1
.ctnsnet.com/	1970-01-20 18:34:29	Name: gid_CAESEKzXvzvzETmHlK7KxLqJzHU Value: 1
.bidswitch.net/	1970-01-20 09:48:54	Name: google_push Value: Aa02lx_abhB4XlJwNVVMnVgvXtAGdLPCqXkZJFscPjim4OGz5tuUpt2l2jksMrcaLlz_AUDZSrVQ5-4DLHbjleddXsmNxGvPgLwSihMr
.1rx.io/	1970-01-20 18:34:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0ac859da-5c29-4070-9f28-918420179ed8-003%22%7D
.everesttech.net/	1970-01-20 18:34:29	Name: everest_g_v2 Value: g_surferid~Y-P6UwAIefQscgAb
.targeting.unrulymedia.com/	1970-01-20 18:34:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0ac859da-5c29-4070-9f28-918420179ed8-003%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
c1.adform.net
cdn.jsdelivr.net
clients1.google.com
cm.g.doubleclick.net
contatonline.com
cse.google.com
dclk-match.dotomi.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
image6.pubmatic.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r.scoota.co
redirecionador.info
s.tribalfusion.com
secure.adnxs.com
smailes.com.br
smiles.iclou.com.br
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.travelaudience.com
redirecionador.info
13.58.124.244
142.250.181.226
151.101.130.49
18.156.0.31
185.64.190.78
213.19.147.45
216.52.2.48
2606:4700:3034::6815:5f5f
2606:4700::6810:5714
2606:4700::6812:18ad
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400d:803::200e
2a00:1450:400d:807::200e
2a00:1450:400d:80e::200e
2a02:fa8:8806:20::2040
34.96.105.8
35.156.135.89
35.186.193.173
37.157.4.39
37.252.171.21
5.161.90.154
51.89.9.251
52.58.18.234
54.77.141.150
76.223.111.18
03622b888fdb9374c74fb1e350d4fc598aaec7af3f80b835f3fd05336867c848
08fecbc18a363d643a88541940d63888e1309683c75ff04119a2f6e9263ef518
0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
25d428e2acd506a14924b79be04f751e52a784f5404333f53d1f075b63411396
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06
418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4833927d10fe0c4f4446d31455446e3d082de650f2d9cbf6db36fdf59b4ce045
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c3d217e121f14401fd4763cb559435eaf76f331644b595fba6465fe34059dc0
53fa3260fbd958471f347056eb8fa69c4d15b59b645208adadf193b161050a0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
59b1107ea7100c985dbf636cb185997be446acc8756b74b63fdfb112b607fab2
5a6d03401a49c19e9ebe09d571ea46902cef5e8e65782f579cc904ecc784a3b5
5c774664099b7b48b0f682fae4f3434228857a224eb3642fdaba08a29d835fa3
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
663fcbc4d580e889135cef895af13da480723de31e58ff4e922cf9e758380549
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf
73fced8402e3b26a9d4fcc16019365ea6bf42cef140e7e8d625bfae5d383802a
765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045
7bb1088c2d2c90b1238a8beb90f201281c678461b742810f53007747f710abd8
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb
84cdca5f9cf25e00ce9d9a4d7a0d096854814fd6ad329d822cc28558f8c94cb2
8bc8a6754c7221febe71da5a40cb3eac2c2a2989686d7337695ac820d3891ca2
8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e
8fde80d0932de7f808d4505b4704c7df46af3d049d87eb12a53891aa350a916a
916cf4e42145ac570ddb58673642d98029e4f3fa9dcf49e8095f71c70dbbbec1
92c21f974c540d742867ea545b594a05375fcdf5dd1c044eb641160120f4f00b
9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abe08ba730619f495b6166115ef3c3a267bdab13bde194642bed5ea766009dc
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e9a9fb0347c70577441ab6d17b4002c04d4361706cf5e42b839e48208112c4e
9f4dacdafc5cab46821fdb0d3c37bf72af904c929945105381bea81afcdcf39e
a012301f2bb133c483369dbd6720cb2d353a89684f58a9896c3175d704633023
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67f80d7e35eef5c12d337314a480c616e7e5da91a6be90537a08201b1cd062f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
ab1525614eeaf16e6be748bca0e1ea5086842acf4c4a4fcb148b7988214a26f9
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b52c106741e95185aabd3207ecd15686e066ae9f516ebd45e87936829c14ca2e
b92bb04925973f7b610e03bf5f8a7622e19fba98998b01f28d325ba50780a20b
bc917a11446d630bdddce4750531e7fb976b6dc75498876f5fc7e6725f354423
cbdf026f0e3ad6909f663b18a4636e25d12927f278563bdd2ee387a55677d87c
da48451153aa542861e78a2521dee5200760519b039f26f38832a7992b4a8e7c
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5045426b2f131ff916dfacc87708a4629cd36e8e12b0d614a0216b8bce13552
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13e29f46354f69526cc2e8c236253dccc816dc614b25610449470c99a27bbbc
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68459d679310d8dea155e2c6c2e27be5fff75050494105c69cfea7b2c73dabf
f71d89e52fcb66b0ec81fdf081b91cf12fec07a14a31f5406ab15e68018116b2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee

smiles.iclou.com.br Open in urlscan Pro 5.161.90.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

79 %HTTPS

53 %IPv6

31 Domains

41 Subdomains

25 IPs

2 Countries

1787 kBTransfer

4689 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

79 %
HTTPS

53 %
IPv6

31
Domains

41
Subdomains

25
IPs

2
Countries

1787 kB
Transfer

4689 kB
Size

16
Cookies

176 HTTP transactions
11 data transactions